Example #1
0
 /**
  * Most of the logic for ID token validation is in AuthTest -
  * this is just a general check to ensure we verify a valid
  * id token if one exists.
  */
 public function testValidateIdToken()
 {
     $this->checkToken();
     $jwt = $this->getJwtService();
     $client = $this->getClient();
     $http = $client->getHttpClient();
     $token = $client->getAccessToken();
     if ($client->isAccessTokenExpired()) {
         $token = $client->fetchAccessTokenWithRefreshToken();
     }
     $segments = explode('.', $token['id_token']);
     $this->assertEquals(3, count($segments));
     // Extract the client ID in this case as it wont be set on the test client.
     $data = json_decode($jwt->urlSafeB64Decode($segments[1]));
     $verify = new Google_AccessToken_Verify($http);
     $payload = $verify->verifyIdToken($token['id_token'], $data->aud);
     $this->assertTrue(isset($payload['sub']));
     $this->assertTrue(strlen($payload['sub']) > 0);
     // TODO: Need to be smart about testing/disabling the
     // caching for this test to make sense. Not sure how to do that
     // at the moment.
     $client = $this->getClient();
     $http = $client->getHttpClient();
     $data = json_decode($jwt->urlSafeB64Decode($segments[1]));
     $verify = new Google_AccessToken_Verify($http);
     $payload = $verify->verifyIdToken($token['id_token'], $data->aud);
     $this->assertTrue(isset($payload['sub']));
     $this->assertTrue(strlen($payload['sub']) > 0);
 }
Example #2
0
 /**
  * Verify an id_token. This method will verify the current id_token, if one
  * isn't provided.
  *
  * @throws Google_Exception
  * @param string|null $idToken The token (id_token) that should be verified.
  * @return array|false Returns the token payload as an array if the verification was
  * successful, false otherwise.
  */
 public function verifyIdToken($idToken = null)
 {
     $tokenVerifier = new Google_AccessToken_Verify($this->getHttpClient(), $this->getCache());
     if (is_null($idToken)) {
         $token = $this->getAccessToken();
         if (!isset($token['id_token'])) {
             throw new LogicException('id_token must be passed in or set as part of setAccessToken');
         }
         $idToken = $token['id_token'];
     }
     return $tokenVerifier->verifyIdToken($idToken, $this->getClientId());
 }