firebase_admin/auth/id_token/claims.rs
1//! Claim shapes for Firebase ID tokens.
2
3use serde::{Deserialize, Serialize};
4
5/// The decoded and verified claims of a Firebase ID token.
6///
7/// See <https://firebase.google.com/docs/auth/admin/verify-id-tokens> for the
8/// authoritative claim reference.
9#[derive(Debug, Clone, Serialize, Deserialize)]
10pub struct IdTokenClaims {
11 /// The token issuer, expected to be `https://securetoken.google.com/<project-id>`.
12 pub iss: String,
13 /// The intended audience, expected to equal the Firebase project ID.
14 pub aud: String,
15 /// Issued-at time, in seconds since the Unix epoch.
16 pub iat: i64,
17 /// Expiration time, in seconds since the Unix epoch.
18 pub exp: i64,
19 /// The time the end user authenticated, in seconds since the Unix epoch.
20 pub auth_time: i64,
21 /// The Firebase user id (UID) this token was issued for.
22 pub sub: String,
23 /// The user's email address, if available.
24 pub email: Option<String>,
25 /// Whether the user's email address has been verified.
26 #[serde(default)]
27 pub email_verified: bool,
28 /// Custom claims attached to the user via `set_custom_user_claims`.
29 #[serde(flatten)]
30 pub custom_claims: serde_json::Map<String, serde_json::Value>,
31}