robccan
diff --git a/‎clirr-ignored-differences.xml
Lines changed: 14 additions & 22 deletions b/‎clirr-ignored-differences.xml
Lines changed: 14 additions & 22 deletions
diff --git a/‎findbugs-exclude.xml
Lines changed: 0 additions & 11 deletions b/‎findbugs-exclude.xml
Lines changed: 0 additions & 11 deletions
diff --git a/‎google-http-client/src/main/java/com/google/api/client/json/webtoken/JsonWebSignature.java
Lines changed: 26 additions & 1 deletion b/‎google-http-client/src/main/java/com/google/api/client/json/webtoken/JsonWebSignature.java
Lines changed: 26 additions & 1 deletion
@@ -2,77 +2,69 @@
 <!-- see http://mojo.codehaus.org/clirr-maven-plugin/examples/ignored-differences.html -->
 
 <differences>
+  <!-- 6001 (removed field): className, field) -->
   <difference>
-    <!-- 8001 (Class removed): className -->
-    <differenceType>8001</differenceType>
-    <className>com/google/api/client/repackaged/**</className>
-  </difference>
-  <difference>
-    <!-- 7006 (Method Return Type changed): className, method, to (to is just the return type) -->
-    <differenceType>7006</differenceType>
-    <className>com/google/api/client/testing/http/MockLowLevelHttpResponse</className>
-    <method>void addHeader(java.lang.String, java.lang.String)</method>
-    <to>com.google.api.client.testing.http.MockLowLevelHttpResponse</to>
-  </difference>
-  <difference>
-    <!-- 6001 (removed field): className, field) -->
     <differenceType>6001</differenceType>
     <className>com/google/api/client/util/Data</className>
     <field>NULL_UNSIGNED_INTEGER</field>
   </difference>
   <difference>
-    <!-- 6001 (removed field): className, field) -->
     <differenceType>6001</differenceType>
     <className>com/google/api/client/util/Data</className>
     <field>NULL_UNSIGNED_LONG</field>
   </difference>
+  <!-- 7002 (method removed): className, method -->
   <difference>
-    <!-- 7002 (method removed): className, method -->
     <differenceType>7002</differenceType>
     <className>com/google/api/client/json/JsonGenerator</className>
     <method>void writeNumber(com.google.common.primitives.UnsignedInteger)</method>
   </difference>
   <difference>
-    <!-- 7002 (method removed): className, method -->
     <differenceType>7002</differenceType>
     <className>com/google/api/client/json/JsonGenerator</className>
     <method>void writeNumber(com.google.common.primitives.UnsignedLong)</method>
   </difference>
   <difference>
-    <!-- 7002 (method removed): className, method -->
     <differenceType>7002</differenceType>
     <className>com/google/api/client/json/JsonParser</className>
     <method>com.google.common.primitives.UnsignedInteger getUnsignedIntegerValue()</method>
   </difference>
   <difference>
-    <!-- 7002 (method removed): className, method -->
     <differenceType>7002</differenceType>
     <className>com/google/api/client/json/JsonParser</className>
     <method>com.google.common.primitives.UnsignedLong getUnsignedLongValue()</method>
   </difference>
   <difference>
-    <!-- 7002 (method removed): className, method -->
     <differenceType>7002</differenceType>
     <className>com/google/api/client/testing/http/json/MockJsonGenerator</className>
     <method>void writeNumber(com.google.common.primitives.UnsignedInteger)</method>
   </difference>
   <difference>
-    <!-- 7002 (method removed): className, method -->
     <differenceType>7002</differenceType>
     <className>com/google/api/client/testing/http/json/MockJsonGenerator</className>
     <method>void writeNumber(com.google.common.primitives.UnsignedLong)</method>
   </difference>
   <difference>
-    <!-- 7002 (method removed): className, method -->
     <differenceType>7002</differenceType>
     <className>com/google/api/client/testing/http/json/MockJsonParser</className>
     <method>com.google.common.primitives.UnsignedInteger getUnsignedIntegerValue()</method>
   </difference>
   <difference>
-    <!-- 7002 (method removed): className, method -->
     <differenceType>7002</differenceType>
     <className>com/google/api/client/testing/http/json/MockJsonParser</className>
     <method>com.google.common.primitives.UnsignedLong getUnsignedLongValue()</method>
   </difference>
+  <!-- 7006 (Method Return Type changed): className, method, to (to is just the return type) -->
+  <difference>
+    <differenceType>7006</differenceType>
+    <className>com/google/api/client/testing/http/MockLowLevelHttpResponse</className>
+    <method>void addHeader(java.lang.String, java.lang.String)</method>
+    <to>com.google.api.client.testing.http.MockLowLevelHttpResponse</to>
+  </difference>
+  <!-- 8001 (Class removed): className -->
+  <difference>
+    <differenceType>8001</differenceType>
+    <className>com/google/api/client/repackaged/**</className>
+  </difference>
 </differences>
 
@@ -53,21 +53,11 @@
     <!-- Comparison of String parameter using == or != -->
     <Class name="com.google.api.client.util.ClassInfo$1"/>
   </And>
-  <And>
-    <Bug pattern="EI_EXPOSE_REP"/>
-    <!-- May expose internal representation by returning reference to mutable object -->
-    <Class name="com.google.api.client.testing.http.MockHttpContent"/>
-  </And>
   <And>
     <Bug pattern="SS_SHOULD_BE_STATIC"/>
     <!-- Unread field: should this field be static? -->
     <Class name="com.google.api.client.json.rpc2.JsonRpcRequest"/>
   </And>
-  <And>
-    <Bug pattern="EI_EXPOSE_REP2"/>
-    <!-- May expose internal representation by incorporating reference to mutable object -->
-    <Class name="com.google.api.client.util.io.ByteArrayStreamingContent"/>
-  </And>
   <And>
     <Bug pattern="DM_DEFAULT_ENCODING"/>
     <!-- Reliance on default encoding -->
@@ -78,6 +68,5 @@
     <Bug pattern="EI_EXPOSE_REP,EI_EXPOSE_REP2"/> 
     <!-- May expose internal representation by returning reference to mutable object -->
     <!-- May expose internal representation by incorporating reference to mutable object -->
-    <Class name="com.google.api.client.json.webtoken.JsonWebSignature"/>
   </And>
 </FindBugsFilter>
@@ -25,6 +25,8 @@
 import java.io.IOException;
 import java.security.GeneralSecurityException;
 import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
 
 /**
  * <a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-08">JSON Web Signature
@@ -313,6 +315,29 @@ public Header getHeader() {
     return (Header) super.getHeader();
   }
 
+  /**
+   * Verifies the signature of the content.
+   *
+   * <p>
+   * Currently only {@code "RS256"} algorithm is verified, but others may be added in the future.
+   * For any other algorithm it returns {@code false}.
+   * </p>
+   *
+   * @param publicKey public key
+   * @return whether the algorithm is recognized and it is verified
+   * @throws GeneralSecurityException
+   */
+  public final boolean verifySignature(PublicKey publicKey) throws GeneralSecurityException {
+    Signature signatureAlg = null;
+    String algorithm = getHeader().getAlgorithm();
+    if ("RS256".equals(algorithm)) {
+      signatureAlg = SecurityUtils.getSha256WithRsaSignatureAlgorithm();
+    } else {
+      return false;
+    }
+    return SecurityUtils.verify(signatureAlg, publicKey, signatureBytes, signedContentBytes);
+  }
+
   /** Returns the modifiable array of bytes of the signature. */
   public final byte[] getSignatureBytes() {
     return signatureBytes;
@@ -424,7 +449,7 @@ public JsonWebSignature parse(String tokenString) throws IOException {
    * Signs a given JWS header and payload based on the given private key using RSA and SHA-256 as
    * described in <a
    * href="http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-08#appendix-A.2">JWS using
-   * RSA SHA-256</a>
+   * RSA SHA-256</a>.
    *
    * @param privateKey private key
    * @param jsonFactory JSON factory