Method: Google::Auth::IDTokens::Verifier#verify

Defined in:: lib/googleauth/id_tokens/verifier.rb

#verify(token, key_source: :default, aud: :default, azp: :default, iss: :default) ⇒ `Hash`

Verify the given token.

Parameters:

token (String) —
the ID token to verify.
key_source (key source) (defaults to: :default) —
If given, override the key source.
aud (String, nil) (defaults to: :default) —
If given, override the aud check.
azp (String, nil) (defaults to: :default) —
If given, override the azp check.
iss (String, nil) (defaults to: :default) —
If given, override the iss check.

Returns:

(Hash) —
the decoded payload, if verification succeeded.

Raises:

(Google::Auth::IDTokens::KeySourceError) —
if the key source failed to obtain public keys
(Google::Auth::IDTokens::VerificationError) —
if the token verification failed. Additional data may be available in the error subclass and message.

# File 'lib/googleauth/id_tokens/verifier.rb', line 67

def verify token,
           key_source: :default,
           aud:        :default,
           azp:        :default,
           iss:        :default
  key_source = @key_source if key_source == :default
  aud = @aud if aud == :default
  azp = @azp if azp == :default
  iss = @iss if iss == :default

  raise KeySourceError, "No key sources" unless key_source
  keys = key_source.current_keys
  payload = decode_token token, keys, aud, azp, iss
  unless payload
    keys = key_source.refresh_keys
    payload = decode_token token, keys, aud, azp, iss
  end
  raise SignatureError, "Token not verified as issued by Google" unless payload
  payload
end

Method: Google::Auth::IDTokens::Verifier#verify

#verify(token, key_source: :default, aud: :default, azp: :default, iss: :default) ⇒ Hash

#verify(token, key_source: :default, aud: :default, azp: :default, iss: :default) ⇒ `Hash`