googleworkspace
diff --git a/‎dist/OAuth2.gs
+59-19 b/‎dist/OAuth2.gs
+59-19
diff --git a/‎docs/Service_.html
+4-4 b/‎docs/Service_.html
+4-4
diff --git a/‎docs/Storage_.html
+4-4 b/‎docs/Storage_.html
+4-4
@@ -672,7 +672,7 @@ Service_.prototype.refresh = function() {
  * Custom values associated with the service can be stored here as well.
  * The key <code>null</code> is used to to store the token and should not
  * be used.
- * @return {Storage} The service's storage.
+ * @return {Storage_} The service's storage.
  */
 Service_.prototype.getStorage = function() {
   if (!this.storage_) {
@@ -703,20 +703,35 @@ Service_.prototype.getToken = function(optSkipMemoryCheck) {
 };
 
 /**
- * Determines if a retrieved token is still valid.
+ * Determines if a retrieved token is still valid. This will return false if
+ * either the authorization token or the ID token has expired.
  * @param {Object} token The token to validate.
  * @return {boolean} True if it has expired, false otherwise.
  * @private
  */
 Service_.prototype.isExpired_ = function(token) {
+  var expired = false;
+  var now = getTimeInSeconds_(new Date());
+
+  // Check the authorization token's expiration.
   var expiresIn = token.expires_in_sec || token.expires_in || token.expires;
-  if (!expiresIn) {
-    return false;
-  } else {
+  if (expiresIn) {
     var expiresTime = token.granted_time + Number(expiresIn);
-    var now = getTimeInSeconds_(new Date());
-    return expiresTime - now < Service_.EXPIRATION_BUFFER_SECONDS_;
+    if (expiresTime - now < Service_.EXPIRATION_BUFFER_SECONDS_) {
+      expired = true;
+    }
   }
+
+  // Check the ID token's expiration, if it exists.
+  if (token.id_token) {
+    var payload = decodeJwt_(token.id_token);
+    if (payload.exp &&
+        payload.exp - now < Service_.EXPIRATION_BUFFER_SECONDS_) {
+      expired = true;
+    }
+  }
+
+  return expired;
 };
 
 /**
@@ -767,10 +782,6 @@ Service_.prototype.createJwt_ = function() {
     'Token URL': this.tokenUrl_,
     'Issuer or Client ID': this.issuer_ || this.clientId_
   });
-  var header = {
-    alg: 'RS256',
-    typ: 'JWT'
-  };
   var now = new Date();
   var expires = new Date(now.getTime());
   expires.setMinutes(expires.getMinutes() + this.expirationMinutes_);
@@ -792,12 +803,7 @@ Service_.prototype.createJwt_ = function() {
       claimSet[key] = additionalClaims[key];
     });
   }
-  var toSign = Utilities.base64EncodeWebSafe(JSON.stringify(header)) + '.' +
-      Utilities.base64EncodeWebSafe(JSON.stringify(claimSet));
-  var signatureBytes =
-      Utilities.computeRsaSha256Signature(toSign, this.privateKey_);
-  var signature = Utilities.base64EncodeWebSafe(signatureBytes);
-  return toSign + '.' + signature;
+  return encodeJwt_(claimSet, this.privateKey_);
 };
 
 /**
@@ -1001,7 +1007,7 @@ Storage_.prototype.reset = function() {
 
 /**
  * Removes a stored value.
- * @param {string} key The key.
+ * @param {string} prefixedKey The key.
  */
 Storage_.prototype.removeValueWithPrefixedKey_ = function(prefixedKey) {
   if (this.properties_) {
@@ -1111,7 +1117,7 @@ function extend_(destination, source) {
  * Gets a copy of an object with all the keys converted to lower-case strings.
  *
  * @param {Object} obj The object to copy.
- * @return {Object} a shallow copy of the object with all lower-case keys.
+ * @return {Object} A shallow copy of the object with all lower-case keys.
  */
 function toLowerCaseKeys_(obj) {
   if (obj === null || typeof obj !== 'object') {
@@ -1125,6 +1131,40 @@ function toLowerCaseKeys_(obj) {
   }, {});
 }
 
+/* exported encodeJwt_ */
+/**
+ * Encodes and signs a JWT.
+ *
+ * @param {Object} payload The JWT payload.
+ * @param {string} key The key to use when generating the signature.
+ * @return {string} The encoded and signed JWT.
+ */
+function encodeJwt_(payload, key) {
+  var header = {
+    alg: 'RS256',
+    typ: 'JWT'
+  };
+  var toSign = Utilities.base64EncodeWebSafe(JSON.stringify(header)) + '.' +
+      Utilities.base64EncodeWebSafe(JSON.stringify(payload));
+  var signatureBytes =
+      Utilities.computeRsaSha256Signature(toSign, key);
+  var signature = Utilities.base64EncodeWebSafe(signatureBytes);
+  return toSign + '.' + signature;
+}
+
+/* exported decodeJwt_ */
+/**
+ * Decodes and returns the parts of the JWT. The signature is not verified.
+ *
+ * @param {string} jwt The JWT to decode.
+ * @return {Object} The decoded payload.
+ */
+function decodeJwt_(jwt) {
+  var payload = jwt.split('.')[1];
+  var blob = Utilities.newBlob(Utilities.base64DecodeWebSafe(payload));
+  return JSON.parse(blob.getDataAsString());
+}
+
    /****** code end *********/
    ;(
 function copy(src, target, obj) {
 
@@ -1059,7 +1059,7 @@ <h5>Returns:</h5>
 
 
 
-    <h4 class="name" id="getStorage"><span class="type-signature"></span>getStorage<span class="signature">()</span><span class="type-signature"> &rarr; {Storage}</span></h4>
+    <h4 class="name" id="getStorage"><span class="type-signature"></span>getStorage<span class="signature">()</span><span class="type-signature"> &rarr; {<a href="Storage_.html">Storage_</a>}</span></h4>
 
 
 
@@ -1149,7 +1149,7 @@ <h5>Returns:</h5>
     </dt>
     <dd>
 
-<span class="param-type">Storage</span>
+<span class="param-type"><a href="Storage_.html">Storage_</a></span>
 
 
     </dd>
@@ -5145,13 +5145,13 @@ <h5>Returns:</h5>
 </div>
 
 <nav>
-    <h2><a href="index.html">Home</a></h2><h3>Classes</h3><ul><li><a href="Service_.html">Service_</a></li><li><a href="Storage_.html">Storage_</a></li></ul><h3>Global</h3><ul><li><a href="global.html#createService">createService</a></li><li><a href="global.html#extend_">extend_</a></li><li><a href="global.html#getRedirectUri">getRedirectUri</a></li><li><a href="global.html#TOKEN_FORMAT">TOKEN_FORMAT</a></li><li><a href="global.html#toLowerCaseKeys_">toLowerCaseKeys_</a></li></ul>
+    <h2><a href="index.html">Home</a></h2><h3>Classes</h3><ul><li><a href="Service_.html">Service_</a></li><li><a href="Storage_.html">Storage_</a></li></ul><h3>Global</h3><ul><li><a href="global.html#createService">createService</a></li><li><a href="global.html#decodeJwt_">decodeJwt_</a></li><li><a href="global.html#encodeJwt_">encodeJwt_</a></li><li><a href="global.html#extend_">extend_</a></li><li><a href="global.html#getRedirectUri">getRedirectUri</a></li><li><a href="global.html#TOKEN_FORMAT">TOKEN_FORMAT</a></li><li><a href="global.html#toLowerCaseKeys_">toLowerCaseKeys_</a></li></ul>
 </nav>
 
 <br class="clear">
 
 <footer>
-    Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.4</a> on Tue Apr 07 2020 20:19:13 GMT-0400 (Eastern Daylight Time)
+    Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.4</a> on Mon Dec 14 2020 20:02:02 GMT-0500 (Eastern Standard Time)
 </footer>
 
 <script> prettyPrint(); </script>
 
@@ -600,7 +600,7 @@ <h5>Parameters:</h5>
 
 
 
-    <h4 class="name" id="removeValueWithPrefixedKey_"><span class="type-signature"></span>removeValueWithPrefixedKey_<span class="signature">(key)</span><span class="type-signature"></span></h4>
+    <h4 class="name" id="removeValueWithPrefixedKey_"><span class="type-signature"></span>removeValueWithPrefixedKey_<span class="signature">(prefixedKey)</span><span class="type-signature"></span></h4>
 
 
 
@@ -644,7 +644,7 @@ <h5>Parameters:</h5>
 
         <tr>
 
-                <td class="name"><code>key</code></td>
+                <td class="name"><code>prefixedKey</code></td>
 
 
             <td class="type">
@@ -1029,13 +1029,13 @@ <h5>Parameters:</h5>
 </div>
 
 <nav>
-    <h2><a href="index.html">Home</a></h2><h3>Classes</h3><ul><li><a href="Service_.html">Service_</a></li><li><a href="Storage_.html">Storage_</a></li></ul><h3>Global</h3><ul><li><a href="global.html#createService">createService</a></li><li><a href="global.html#extend_">extend_</a></li><li><a href="global.html#getRedirectUri">getRedirectUri</a></li><li><a href="global.html#TOKEN_FORMAT">TOKEN_FORMAT</a></li><li><a href="global.html#toLowerCaseKeys_">toLowerCaseKeys_</a></li></ul>
+    <h2><a href="index.html">Home</a></h2><h3>Classes</h3><ul><li><a href="Service_.html">Service_</a></li><li><a href="Storage_.html">Storage_</a></li></ul><h3>Global</h3><ul><li><a href="global.html#createService">createService</a></li><li><a href="global.html#decodeJwt_">decodeJwt_</a></li><li><a href="global.html#encodeJwt_">encodeJwt_</a></li><li><a href="global.html#extend_">extend_</a></li><li><a href="global.html#getRedirectUri">getRedirectUri</a></li><li><a href="global.html#TOKEN_FORMAT">TOKEN_FORMAT</a></li><li><a href="global.html#toLowerCaseKeys_">toLowerCaseKeys_</a></li></ul>
 </nav>
 
 <br class="clear">
 
 <footer>
-    Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.4</a> on Tue Apr 07 2020 20:19:13 GMT-0400 (Eastern Daylight Time)
+    Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.4</a> on Mon Dec 14 2020 20:02:02 GMT-0500 (Eastern Standard Time)
 </footer>
 
 <script> prettyPrint(); </script>