feat: Implement ES256 for JWT verification (#340) feat: Implement EC256 for JWT verification

commit: e290a3dbecc4767dd25ee14574951cdb6c2157cb [log] [tgz]
author: Thea Flowers <theaflowers@google.com> Wed Apr 01 10:11:42 2020 -0700
committer: GitHub <noreply@github.com> Wed Apr 01 10:11:42 2020 -0700
tree: 715be596ca8d3046d6339cddc0a1bf0fd62ee36d
parent: 772dac6a6512230d32cb0dfae65a1a6aa9015049 [diff] [blame]
diff --git a/docs/user-guide.rst b/docs/user-guide.rst
index 0abe160..3877bff 100644
--- a/docs/user-guide.rst
+++ b/docs/user-guide.rst

@@ -291,7 +291,21 @@
                                       target_credentials,
                                       target_audience=target_audience)
 
-IDToken verification can be done for various type of IDTokens using the :class:`google.oauth2.id_token` module 
+IDToken verification can be done for various type of IDTokens using the
+:class:`google.oauth2.id_token` module. It supports ID token signed with RS256
+and ES256 algorithms. However, ES256 algorithm won't be available unless
+`cryptography` dependency of version at least 1.4.0 is installed. You can check
+the dependency with `pip freeze` or try `from google.auth.crypt import es256`.
+The following is an example of verifying ID tokens:
+
+    from google.auth2 import id_token
+
+    request = google.auth.transport.requests.Request()
+
+    try:
+      decoded_token = id_token.verify_token(token_to_verify,request)
+    except ValueError:
+      # Verification failed.
 
 A sample end-to-end flow using an ID Token against a Cloud Run endpoint maybe ::
commit	e290a3dbecc4767dd25ee14574951cdb6c2157cb	[log] [tgz]
author	Thea Flowers <theaflowers@google.com>	Wed Apr 01 10:11:42 2020 -0700
committer	GitHub <noreply@github.com>	Wed Apr 01 10:11:42 2020 -0700
tree	715be596ca8d3046d6339cddc0a1bf0fd62ee36d
parent	772dac6a6512230d32cb0dfae65a1a6aa9015049 [diff] [blame]