-
Notifications
You must be signed in to change notification settings - Fork 255
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Validating Google Login Tokens #326
Comments
There is not enough information to resolve the issue. Can you provide an example key and JWT? |
I might be able to help. Instead of doing
In total it should be something like:
The above is some copy&paste from a project and some "old" knowledge so forgive me if I got something wrong. |
@nlopes , I think there is a security risk in your suggested code. |
Same issue, i can't verify jwt from google oauth.
|
This is how you can decode google token, as it's coming from google and verified there, we don't need to verify again anyway. However make sure to verify your own token with your secret before using any claims. |
I am quite sorry - as despite my best efforts and research I could not find any conclusive way of decoding google jwts.
Google uses RS256 to sign the tokens I receieve.
Doing this results in InvalidAlgorithm.
Anyone know how to fix this.
The text was updated successfully, but these errors were encountered: