
com.uid2.shared.secure.gcp.InstanceDocumentVerifier Maven / Gradle / Ivy

package com.uid2.shared.secure.gcp;

import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.gson.GsonFactory;
import com.uid2.shared.secure.AttestationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

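/**
 * Verifies a GCP VM instance identity document (a Google-signed ID token) and
 * wraps its claims in an {@link InstanceDocument}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The verifier below is built with only a transport and a JSON factory; no
 *       expected audience is configured. With that configuration
 *       {@code GoogleIdTokenVerifier.verify} is expected to check the signature,
 *       issuer and expiry, but not that the token was minted for this service.
 *       NOTE(review): confirm that the caller validates the audience and the
 *       instance claims of the returned document before trusting it.</li>
 *   <li>{@link #VERIFY_SIGNATURE} must stay {@code true} outside of tests. When it
 *       is {@code false} the claims returned by {@link #verify(String)} are
 *       attacker-controlled input, not an attestation.</li>
 * </ul>
 */
public class InstanceDocumentVerifier {
    private static final Logger LOGGER = LoggerFactory.getLogger(InstanceDocumentVerifier.class);

    /** Compile-time switch; {@code false} skips the signature check entirely. */
    public static final boolean VERIFY_SIGNATURE = true;

    // Built once and never reassigned, so the field is final.
    // No audience is set on the builder: see the class-level security note.
    private final GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier
        .Builder(new NetHttpTransport(), GsonFactory.getDefaultInstance())
        .build();

    /**
     * Parses and verifies an instance identity token.
     *
     * @param token the serialized ID token presented by the VM
     * @return the instance document built from the token's claims
     * @throws AttestationException if the token is missing or fails verification
     * @throws Exception if the token cannot be parsed or verification itself fails
     *     (for example while the library retrieves Google's signing keys)
     */
    public InstanceDocument verify(String token) throws Exception {
        // Fail closed with the attestation error type instead of letting a missing
        // token surface as a NullPointerException / IllegalArgumentException from
        // the parser.
        if (token == null || token.isEmpty()) {
            throw new AttestationException("Unable to verify GCP VM's instance document");
        }

        GoogleIdToken googleId = GoogleIdToken.parse(verifier.getJsonFactory(), token);
        if (VERIFY_SIGNATURE) {
            if (!verifier.verify(googleId)) {
                throw new AttestationException("Unable to verify GCP VM's instance document");
            }
        } else {
            // Logged at error level on purpose: an unverified document is returned.
            LOGGER.error("InstanceDocumentVerifier signature verification is ignored" );
        }
        return new InstanceDocument(googleId);
    }
}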



