Class: Firebase::Admin::Auth::JWTVerifier

Inherits:

Object

Object
Firebase::Admin::Auth::JWTVerifier

show all

Defined in:: lib/firebase/admin/auth/token_verifier.rb

Overview

Base class for verifying Firebase JWTs.

Direct Known Subclasses

IDTokenVerifier

Instance Method Summary collapse

#expired_error ⇒ Object
#initialize(app, certificates_url) ⇒ JWTVerifier constructor

Initializes a new verifier.
#invalid_error ⇒ Object
#issuer ⇒ Object

Override in subclasses to set the issuer.
#verify(token, is_emulator: false) ⇒ Hash

Verifies a Firebase ID token.

Constructor Details

#initialize(app, certificates_url) ⇒ `JWTVerifier`

Initializes a new verifier.

Parameters:

app (Firebase::Admin::App) —

The Firebase app to verify tokens for.
certificates_url (String) —

The url to load public key certificates used during token verification.

# File 'lib/firebase/admin/auth/token_verifier.rb', line 15

def initialize(app, certificates_url)
  @project_id = app.project_id
  @certificates = CertificatesFetcher.new(certificates_url)
end

Instance Method Details

#expired_error ⇒ `Object`

Raises:

(NotImplementedError)



46
47
48

# File 'lib/firebase/admin/auth/token_verifier.rb', line 46

def expired_error
  raise NotImplementedError
end

#invalid_error ⇒ `Object`

Raises:

(NotImplementedError)



42
43
44

# File 'lib/firebase/admin/auth/token_verifier.rb', line 42

def invalid_error
  raise NotImplementedError
end

#issuer ⇒ `Object`

Override in subclasses to set the issuer

Raises:

(NotImplementedError)



38
39
40

# File 'lib/firebase/admin/auth/token_verifier.rb', line 38

def issuer
  raise NotImplementedError
end

#verify(token, is_emulator: false) ⇒ `Hash`

Verifies a Firebase ID token.

Parameters:

token (String) —

A Firebase JWT ID token.
is_emulator (Boolean) (defaults to: false) —

skips signature verification if true.

Returns:

(Hash) —

the verified claims.

# File 'lib/firebase/admin/auth/token_verifier.rb', line 25

def verify(token, is_emulator: false)
  payload = decode(token, is_emulator).first
  sub = payload["sub"]
  raise JWT::InvalidSubError, "Invalid subject." unless sub.is_a?(String) && !sub.empty?
  payload["uid"] = sub
  payload
rescue JWT::ExpiredSignature => e
  raise expired_error, e.message
rescue JWT::DecodeError => e
  raise invalid_error, e.message
end

Class: Firebase::Admin::Auth::JWTVerifier

Overview

Direct Known Subclasses

Instance Method Summary collapse

Constructor Details

#initialize(app, certificates_url) ⇒ JWTVerifier

Instance Method Details

#expired_error ⇒ Object

#invalid_error ⇒ Object

#issuer ⇒ Object

#verify(token, is_emulator: false) ⇒ Hash

#initialize(app, certificates_url) ⇒ `JWTVerifier`

#expired_error ⇒ `Object`

#invalid_error ⇒ `Object`

#issuer ⇒ `Object`

#verify(token, is_emulator: false) ⇒ `Hash`