public sealed class SignedTokenVerificationOptions
Options to use when verifying signed JWTs.
Namespace
GoogleApisAuthAssembly
Google.Apis.Auth.dll
Constructors
SignedTokenVerificationOptions()
public SignedTokenVerificationOptions()
Creates a new instance of SignedTokenVerificationOptions with default values for all options (or null for those whose default is unset).
SignedTokenVerificationOptions(SignedTokenVerificationOptions)
public SignedTokenVerificationOptions(SignedTokenVerificationOptions other)
Creates a new instance of SignedTokenVerificationOptions
by copying over all the values from other
.
Parameter | |
---|---|
Name | Description |
other |
SignedTokenVerificationOptions The option set to build this instance from. |
Properties
CertificatesUrl
public string CertificatesUrl { get; set; }
The URL from where to obtain certificates from. May be null, in which case, default certificate locations will be used:
- For RS256 signed certificates, https://www.googleapis.com/oauth2/v3/certs will be used.
- For ES256 signed certificates, https://www.gstatic.com/iap/verify/public_key-jwk will be used.
Property Value | |
---|---|
Type | Description |
string |
ExpiryClockTolerance
public TimeSpan ExpiryClockTolerance { get; set; }
Clock tolerance for the expiration check. Causes a JWT to pass validation up to this duration after it really expired; this is to allow for possible local-client clock skew. Defaults to zero. Internal to be used only for backward compatibility.
Property Value | |
---|---|
Type | Description |
TimeSpan |
IssuedAtClockTolerance
public TimeSpan IssuedAtClockTolerance { get; set; }
Clock tolerance for the issued-at check. Causes a JWT to pass validation up to this duration before it is really valid; this is to allow for possible local-client clock skew. Defaults to zero. Internal to be used only for backward compatibility.
Property Value | |
---|---|
Type | Description |
TimeSpan |
TrustedAudiences
public IList<string> TrustedAudiences { get; }
Trusted audiences for the token. All the audiences the token is intended for should be in the trusted audiences list. If the list is empty, the token audience won't be verified.
Property Value | |
---|---|
Type | Description |
IListstring |
TrustedIssuers
public IList<string> TrustedIssuers { get; }
List of trusted issuers to verify the token issuer against. The token issuer must be contained in this list. May be null, in which case the token issuer won't be verified.
Property Value | |
---|---|
Type | Description |
IListstring |