-
Notifications
You must be signed in to change notification settings - Fork 25
/
OAuthPayload.swift
29 lines (26 loc) · 1.2 KB
/
OAuthPayload.swift
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
//
// OAuthPayload.swift
// GoogleCloudKit
//
// Created by Andrew Edwards on 4/15/18.
//
import JWTKit
/// The payload for requesting an OAuth token to make API calls to Google APIs.
/// https://developers.google.com/identity/protocols/OAuth2ServiceAccount#authorizingrequests
public struct OAuthPayload: JWTPayload {
/// The email address of the service account.
var iss: IssuerClaim
/// A space-delimited list of the permissions that the application requests.
var scope: String
/// A descriptor of the intended target of the assertion. When making an access token request this value is always https://www.googleapis.com/oauth2/v4/token.
var aud: AudienceClaim
/// The expiration time of the assertion, specified as seconds since 00:00:00 UTC, January 1, 1970. This value has a maximum of 1 hour after the issued time.
var exp: ExpirationClaim
/// The time the assertion was issued, specified as seconds since 00:00:00 UTC, January 1, 1970.
var iat: IssuedAtClaim
/// Using to nominate the account you want access to on the domain from a service account
var sub: String?
public func verify(using signer: JWTSigner) throws {
try exp.verifyNotExpired()
}
}