aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/github/scribejava/apis/GoogleTokenVerifier.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/com/github/scribejava/apis/GoogleTokenVerifier.java')
-rw-r--r--src/main/java/com/github/scribejava/apis/GoogleTokenVerifier.java8
1 files changed, 4 insertions, 4 deletions
diff --git a/src/main/java/com/github/scribejava/apis/GoogleTokenVerifier.java b/src/main/java/com/github/scribejava/apis/GoogleTokenVerifier.java
index 35a9d832e..a7d48a343 100644
--- a/src/main/java/com/github/scribejava/apis/GoogleTokenVerifier.java
+++ b/src/main/java/com/github/scribejava/apis/GoogleTokenVerifier.java
@@ -3,6 +3,7 @@ package com.github.scribejava.apis;
import java.net.MalformedURLException;
import java.net.URL;
import java.text.ParseException;
+import java.util.Collections;
import java.util.Map;
import java.util.Optional;
@@ -20,11 +21,10 @@ import com.nimbusds.jwt.proc.DefaultJWTProcessor;
public class GoogleTokenVerifier {
- public static Optional<String> validateToken(String idToken) {
+ public static Optional<String> validateToken(String clientId, String idToken) {
// Create a JWT processor for the access tokens
- ConfigurableJWTProcessor<SecurityContext> jwtProcessor =
- new DefaultJWTProcessor<>();
+ ConfigurableJWTProcessor<SecurityContext> jwtProcessor = new DefaultJWTProcessor<>();
// The public RSA keys to validate the signatures will be sourced from the
// OAuth 2.0 server's JWK set, published at a well-known URL. The RemoteJWKSet
@@ -49,7 +49,7 @@ public class GoogleTokenVerifier {
jwtProcessor.setJWSKeySelector(keySelector);
// Set the required JWT claims for access tokens issued by the server
- jwtProcessor.setJWTClaimsSetVerifier(new DefaultJWTClaimsVerifier<>());
+ jwtProcessor.setJWTClaimsSetVerifier(new DefaultJWTClaimsVerifier<>(Collections.singleton(clientId), null, null, null));
// Process the token
Map<String, Object> claimsSet;