Merge pull request #21 from firebase/revoke_tokens

avishalom · web-flow · commit 2f5080a15d93 · 2018-02-12T21:02:35.000-05:00
Revoke tokens and verify check revoked snippets
diff --git a/auth/build.gradle b/auth/build.gradle
@@ -16,5 +16,5 @@ repositories {
 
 dependencies {
     // Firebase Java SDK
-    compile 'com.google.firebase:firebase-admin:5.6.0'
+    compile 'com.google.firebase:firebase-admin:5.9.0'
 }
diff --git a/auth/src/main/java/com/google/firebase/quickstart/AuthSnippets.java b/auth/src/main/java/com/google/firebase/quickstart/AuthSnippets.java
@@ -207,6 +207,44 @@ public static void verifyIdToken(String idToken) throws InterruptedException, Ex
     System.out.println("Decoded ID token from user: " + uid);
   }
 
+  public static void verifyIdTokenCheckRevoked(String idToken) throws InterruptedException, ExecutionException {
+    // [START verify_id_token_check_revoked]
+    try {
+      // Verify the ID token while checking if the token is revoked by passing checkRevoked
+      // as true.
+      boolean checkRevoked = true;
+      FirebaseToken decodedToken = FirebaseAuth.getInstance().verifyIdTokenAsync(idToken, checkRevoked).get();
+      // Token is valid and not revoked.
+      String uid = decodedToken.getUid();
+    } 
+    catch (FirebaseAuthException e) {
+      if ("id-token-revoked".equals(e.getErrorCode())) {
+        // Token is valid but has been revoked.
+        // When this occurs, inform the user to reauthenticate or signOut() the user.
+      } else {
+        // Error is other than "revoked" token is invalid.
+      }
+    }
+    // [END verify_id_token_check_revoked]
+  }
+
+  public static void revokeIdTokens(String idToken) throws InterruptedException, ExecutionException { 
+    String uid="someUid";
+    // [START revoke_tokens]
+    FirebaseToken decodedToken = FirebaseAuth.getInstance().revokeRefreshTokens(uid).get();
+    UserRecord user = FirebaseAuth.getInstance().getUserAsync(uid).get();
+    // Convert to seconds as the auth_time in the token claims is in seconds too. 
+    long revocationSecond = user.getTokensValidAfterTimestamp() / 1000;
+    System.err.println("Tokens revoked at: " + revocationSecond);
+    // [END revoke_tokens]
+
+    // [START save_revocation_in_db]
+    DatabaseReference ref = FirebaseDatabase.getInstance().getReference("metadata/" + uid);
+    ref.setValueAsync(MapBuilder.of("revokeTime", revocationSecond)).get();
+    // [END save_revocation_in_db]
+    
+  }
+
   public static void main(String[] args) throws InterruptedException, ExecutionException {
     System.out.println("Hello, AuthSnippets!");
 

Original file line number	Diff line number	Diff line change
`@@ -16,5 +16,5 @@ repositories {`
`16`	`16`
`17`	`17`	`dependencies {`
`18`	`18`	`// Firebase Java SDK`
`19`		`- compile 'com.google.firebase:firebase-admin:5.6.0'`
	`19`	`+ compile 'com.google.firebase:firebase-admin:5.9.0'`
`20`	`20`	`}`