Does this work when using the cloud endpoints @Api annotations to declare
endpoint api methods? I can't work out how to implement your workaround
On Thursday, June 11, 2015 at 4:29:28 PM UTC+1, Erik Zivkovic wrote:
>
> You can subclass GoogleIdTokenVerifier for now
>
> package com.my.project.package;
>
>
> import java.io.IOException;
> import java.security.GeneralSecurityException;
> import java.security.PublicKey;
>
>
> import com.google.api.client.auth.openidconnect.IdTokenVerifier;
> import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
> import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
> import com.google.api.client.http.HttpTransport;
> import com.google.api.client.json.JsonFactory;
>
>
> @Deprecated
> public class GoogleIdTokenVerifier2 extends GoogleIdTokenVerifier {
>
>
> public GoogleIdTokenVerifier2(HttpTransport transport, JsonFactory
> jsonFactory) {
> super(transport, jsonFactory);
> }
>
>
> @Override
> public boolean verify(GoogleIdToken googleIdToken) throws
> GeneralSecurityException, IOException {
> // check the payload
> if (!((IdTokenVerifier)this).verify(googleIdToken)) {
> return false;
> }
> // verify signature
> for (PublicKey publicKey : getPublicKeysManager().getPublicKeys())
> {
> try {
> if (googleIdToken.verifySignature(publicKey)) {
> return true;
> }
> } catch (Exception e) {
> System.err.println("Verify Token:" + e);
> }
> }
> return false;
> }
> }
>
>
>
>
--
*Latest from the Rugged Blog: 2014, Our Year Without Paper
<http://www.ruggeddata.co.uk/blog/2014-our-year-without-paper>*
<http://www.nuffieldtechnologies.co.uk/> <http://www.ruggeddata.co.uk/>
o. 01202 665885
a. Communications House. 16 Didcot Road, Nuffield Trading Estate, Poole,
Dorset. BH17 0GD
w. www.nuffieldtechnologies.com <http://www.nuffieldtechnologies.com>
w. www.ruggeddata.co.uk
*Please consider the environment before printing electronic copies of
information.*
Company Reg No. 04619513
This e-mail and all attached files are intended for the named addressee
only. If you are not the addressee legally indicated in the message (or
responsible for delivery of the message to such person), you may not copy,
deliver or disclose it to anyone. It may contain legally privileged or
confidential information, which may be copyrighted. All efforts are made to
keep our systems free of viruses, however please note it is your
responsibility to scan this e-mail and attachments to ensure that no virus
is present.
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/google-appengine.
To view this discussion on the web visit
https://groups.google.com/d/msgid/google-appengine/1a6fdb6c-3f83-45de-870f-8e7188ed2901%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
