com.google.firebase.auth.FirebaseToken Maven / Gradle / Ivy

Show more of this group Show more artifacts with this name
Show all versions of firebase-admin Show documentation
This is the official Firebase Admin Java SDK. Build extraordinary native JVM apps in minutes with Firebase. The Firebase platform can power your app’s backend, user authentication, static hosting, and more.
There is a newer version: 9.3.0
Show newest version
/*
 * Copyright 2017 Google Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.google.firebase.auth;

import com.google.api.client.auth.openidconnect.IdToken;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.webtoken.JsonWebSignature;
import com.google.api.client.util.Key;

import java.io.IOException;
import java.util.Map;

/**
 * Implementation of a Parsed Firebase Token returned by {@link FirebaseAuth#verifyIdToken(String)}.
 * It can used to get the uid and other attributes of the user provided in the Token.
 */
public final class FirebaseToken {

  private final FirebaseTokenImpl token;

  FirebaseToken(FirebaseTokenImpl token) {
    this.token = token;
  }

  static FirebaseToken parse(JsonFactory jsonFactory, String tokenString) throws IOException {
    try {
      JsonWebSignature jws =
          JsonWebSignature.parser(jsonFactory)
              .setPayloadClass(FirebaseTokenImpl.Payload.class)
              .parse(tokenString);
      return new FirebaseToken(
          new FirebaseTokenImpl(
              jws.getHeader(),
              (FirebaseTokenImpl.Payload) jws.getPayload(),
              jws.getSignatureBytes(),
              jws.getSignedContentBytes()));
    } catch (IOException e) {
      throw new IOException(
          "Decoding Firebase ID token failed. Make sure you passed the entire string JWT "
              + "which represents an ID token. See https://firebase.google.com/docs/auth/admin/"
              + "verify-id-tokens for details on how to retrieve an ID token.",
          e);
    }
  }

  /** Returns the Uid for the this token. */
  public String getUid() {
    return token.getPayload().getSubject();
  }

  /** Returns the Issuer for the this token. */
  public String getIssuer() {
    return token.getPayload().getIssuer();
  }

  /** Returns the user's display name. */
  public String getName() {
    return token.getPayload().getName();
  }

  /** Returns the Uri string of the user's profile photo. */
  public String getPicture() {
    return token.getPayload().getPicture();
  }

  /** 
   * Returns the e-mail address for this user, or {@code null} if it's unavailable.
   */
  public String getEmail() {
    return token.getPayload().getEmail();
  }

  /** 
   * Indicates if the email address returned by {@link #getEmail()} has been verified as good.
   */
  public boolean isEmailVerified() {
    return token.getPayload().isEmailVerified();
  }

  /** Returns a map of all of the claims on this token. */
  public Map getClaims() {
    return token.getPayload();
  }

  FirebaseTokenImpl getToken() {
    return token;
  }

  static class FirebaseTokenImpl extends IdToken {

    FirebaseTokenImpl(
        Header header, Payload payload, byte[] signatureBytes, byte[] signedContentBytes) {
      super(header, payload, signatureBytes, signedContentBytes);
    }

    @Override
    public Payload getPayload() {
      return (Payload) super.getPayload();
    }

    /** Represents a FirebaseWebToken Payload. */
    public static class Payload extends IdToken.Payload {

      /**
       * Timestamp of the last time this user authenticated with Firebase on the device receiving
       * this token.
       */
      @Key("auth_time")
      private long authTime;

      /** User's primary email address. */
      @Key private String email;

      /** Indicates whether or not the e-mail field is verified to be a known-good address. */
      @Key("email_verified")
      private boolean emailVerified;

      /** User's Display Name. */
      @Key private String name;

      /** URI of the User's profile picture. */
      @Key private String picture;

      /**
       * Returns the UID of the user represented by this token. This is an alias for {@link
       * #getSubject()}
       */
      public String getUid() {
        return getSubject();
      }

      /**
       * Returns the time in seconds from the Unix Epoch that this user last authenticated with
       * Firebase on this device.
       */
      public long getAuthTime() {
        return authTime;
      }

      /** 
       * Returns the e-mail address for this user, or {@code null} if it's unavailable.
       */
      public String getEmail() {
        return email;
      }

      /**
       * Indicates if the email address returned by {@link #getEmail()} has been verified as good.
       */
      public boolean isEmailVerified() {
        return emailVerified;
      }

      /** Returns the user's display name. */
      public String getName() {
        return name;
      }

      /** Returns the Uri string of the user's profile photo. */
      public String getPicture() {
        return picture;
      }
    }
  }
}