Skip to content
This repository was archived by the owner on Mar 6, 2026. It is now read-only.

Add ID token verification helpers.#82

Merged
theacodes merged 2 commits intomasterfrom
id-token
Nov 10, 2016
Merged

Add ID token verification helpers.#82
theacodes merged 2 commits intomasterfrom
id-token

Conversation

@theacodes
Copy link
Copy Markdown
Contributor

@theacodes theacodes commented Nov 10, 2016

Resolves #39 and the v1.0.0 milestone.

@theacodes theacodes added this to the 1.0.0 milestone Nov 10, 2016
dhermes
dhermes approved these changes Nov 10, 2016
View reviewed changes
Copy link
Copy Markdown
Contributor

@dhermes dhermes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Don't you want to return a boolean instead of the actual certs?

google/oauth2/id_token.py
'/securetoken@system.gserviceaccount.com')


def _fetch_certs(request, certs_url):

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

google/oauth2/id_token.py
raise exceptions.TransportError(
'Could not fetch certificates at {}'.format(certs_url))

return json.loads(response.data.decode('utf-8'))

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

google/oauth2/id_token.py
id_token (Union[str, bytes]): The encoded token.
request (google.auth.transport.Request): The object used to make
HTTP requests.
audience (str): The audience that this token is intended for. If None

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

google/oauth2/id_token.py
HTTP requests.
audience (str): The audience that this token is intended for. If None
then the audience is not verified.
certs_url (str): The URL that specifies the certificates to use to

This comment was marked as spam.

Sign in to view

google/oauth2/id_token.py
id_token (Union[str, bytes]): The encoded token.
request (google.auth.transport.Request): The object used to make
HTTP requests.
audience (str): The audience that this token is intended for. This is

This comment was marked as spam.

Sign in to view

google/oauth2/id_token.py Outdated
Mapping[str, Any]: The decoded token.

Raises:
ValueError: if verification fails.

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

google/oauth2/id_token.py Outdated
Mapping[str, Any]: The decoded token.

Raises:
ValueError: if verification fails.

This comment was marked as spam.

Sign in to view

google/oauth2/id_token.py
certs_url=_GOOGLE_OAUTH2_CERTS_URL)


def verify_firebase_token(id_token, request, audience=None):

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

tests/oauth2/test_id_token.py
response = mock.Mock()
response.status = status

if data is not None:

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

@theacodes theacodes merged commit e2ab100 into master Nov 10, 2016
@theacodes theacodes deleted the id-token branch November 10, 2016 23:11
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@dhermes dhermes dhermes approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

1.0.0

Development

Successfully merging this pull request may close these issues.

2 participants

@theacodes @dhermes