private function checkIdTokenFailure($id_token, $msg)
{
$certs = $this->getSignonCerts();
$oauth2 = new Postman_Google_Auth_OAuth2($this->getClient());
try {
$oauth2->verifySignedJwtWithCerts($id_token, $certs, "client_id");
$this->fail("Should have thrown for {$id_token}");
} catch (Postman_Google_Auth_Exception $e) {
$this->assertContains($msg, $e->getMessage());
}
}
/**
* Verify a JWT that was signed with your own certificates.
*
* @param $id_token string The JWT token
* @param $cert_location array of certificates
* @param $audience string the expected consumer of the token
* @param $issuer string the expected issuer, defaults to Google
* @param [$max_expiry] the max lifetime of a token, defaults to MAX_TOKEN_LIFETIME_SECS
* @return mixed token information if valid, false if not
*/
public function verifySignedJwt($id_token, $cert_location, $audience, $issuer, $max_expiry = null)
{
$auth = new Postman_Google_Auth_OAuth2($this);
$certs = $auth->retrieveCertsFromLocation($cert_location);
return $auth->verifySignedJwtWithCerts($id_token, $certs, $audience, $issuer, $max_expiry);
}
