module Google::Auth::IDTokens

def forget_sources!

Other tags:
    Private: - 
def forget_sources!
  @oidc_key_source = @iap_key_source = nil
  self
end

def iap_key_source

Returns:
  • (Google::Auth::IDTokens::JwkHttpKeySource) - 
def iap_key_source
  @iap_key_source ||= JwkHttpKeySource.new IAP_JWK_URL
end

def oidc_key_source

Returns:
  • (Google::Auth::IDTokens::JwkHttpKeySource) - 
def oidc_key_source
  @oidc_key_source ||= JwkHttpKeySource.new OAUTH2_V3_CERTS_URL
end

def verify_iap token,

Raises:
  • (VerificationError) - if the token verification failed.
  • (KeySourceError) - if the key source failed to obtain public keys

Returns:
  • (Hash) - The decoded token payload.

Parameters:
  • aud (String, Array, nil) -- The expected audience. At least
  • azp (String, Array, nil) -- The expected authorized party
  • aud (String, Array, nil) -- The expected audience. At least
  • token (String) -- The ID token to verify 
def verify_iap token,
               aud: nil,
               azp: nil,
               iss: IAP_ISSUERS
  verifier = Verifier.new key_source: iap_key_source,
                          aud:        aud,
                          azp:        azp,
                          iss:        iss
  verifier.verify token
end

def verify_oidc token,

Raises:
  • (VerificationError) - if the token verification failed.
  • (KeySourceError) - if the key source failed to obtain public keys

Returns:
  • (Hash) - The decoded token payload.

Parameters:
  • aud (String, Array, nil) -- The expected audience. At least
  • azp (String, Array, nil) -- The expected authorized party
  • aud (String, Array, nil) -- The expected audience. At least
  • token (String) -- The ID token to verify 
def verify_oidc token,
                aud: nil,
                azp: nil,
                iss: OIDC_ISSUERS
  verifier = Verifier.new key_source: oidc_key_source,
                          aud:        aud,
                          azp:        azp,
                          iss:        iss
  verifier.verify token
end