googleauth - Class Google::Auth::IDTokens::Verifier (v1.12.0)

Reference documentation and code samples for the googleauth class Google::Auth::IDTokens::Verifier.

An object that can verify ID tokens.

A verifier maintains a set of default settings, including the key source and fields to verify. However, individual verification calls can override any of these settings.

Inherits

Object

Methods

#initialize

def initialize(key_source: nil, aud: nil, azp: nil, iss: nil) -> Verifier

Create a verifier.

Parameters

key_source (key source) (defaults to: nil) — The default key source to use. All verification calls must have a key source, so if no default key source is provided here, then calls to #verify must provide a key source.
aud (String, nil) (defaults to: nil) — The default audience (aud) check, or nil for no check.
azp (String, nil) (defaults to: nil) — The default authorized party (azp) check, or nil for no check.
iss (String, nil) (defaults to: nil) — The default issuer (iss) check, or nil for no check.

Returns

(Verifier) — a new instance of Verifier

#verify

def verify(token, key_source: :default, aud: :default, azp: :default, iss: :default) -> Hash

Verify the given token.

Parameters

token (String) — the ID token to verify.
key_source (key source) (defaults to: :default) — If given, override the key source.
aud (String, nil) (defaults to: :default) — If given, override the aud check.
azp (String, nil) (defaults to: :default) — If given, override the azp check.
iss (String, nil) (defaults to: :default) — If given, override the iss check.

Returns

(Hash) — the decoded payload, if verification succeeded.

Raises

(KeySourceError) — if the key source failed to obtain public keys
(VerificationError) — if the token verification failed. Additional data may be available in the error subclass and message.