async function validateAssertion()

in authenticating-users/app.js [43:68]

• 18 lines of code
• 2 McCabe index (conditional complexity)

async function validateAssertion(assertion) {
  if (!assertion) {
    return {};
  }

  // Check that the assertion's audience matches ours
  const aud = await audience();

  // Fetch the current certificates and verify the signature on the assertion
  // [START getting_started_auth_certs]
  const response = await oAuth2Client.getIapPublicKeys();
  // [END getting_started_auth_certs]
  const ticket = await oAuth2Client.verifySignedJwtWithCertsAsync(
    assertion,
    response.pubkeys,
    aud,
    ['https://cloud.google.com/iap']
  );
  const payload = ticket.getPayload();

  // Return the two relevant pieces of information
  return {
    email: payload.email,
    sub: payload.sub,
  };
}