Google login error via Azure

Question

In my app I want to use Google login, so for that I am using Azure Services. From Google, I am able to login successfully and get all the details but the following error occurs on the Azure side:

Error Domain=com.Microsoft.WindowsAzureMobileServices.ErrorDomain Code=-1302 "Error: The id_token issuer is invalid." UserInfo={NSLocalizedDescription=Error: The id_token issuer is invalid.}

Code:

if (user.authentication != nil)
{

    let delegate = UIApplication.sharedApplication().delegate as? AppDelegate

    let client = delegate!.client!;

    //                let nextViewController = self.storyboard?.instantiateViewControllerWithIdentifier("SWRevealViewController") as! SWRevealViewController

    //                self.presentViewController(nextViewController, animated: true, completion: nil)

    let payload: [String: String] = ["id_token": idToken]

    client.loginWithProvider("google", token: payload, completion: { (user, error) in

        if error != nil{

            //here i am getting the above mentioned error
            print(error)

        }

        if user != nil{

            print(user)



            print("Google Login Sucess")

            self.call(false, email: email, firstName: firstName, lastName: lastName, id: googleId, token: idToken,imageUrl: imageUrl.absoluteString)

        }

    })

}



    override func viewDidLoad()
    {

        super.viewDidLoad();



        GIDSignIn.sharedInstance().signOut()

        GIDSignIn.sharedInstance().scopes.append("https://www.googleapis.com/auth/plus.login");

        GIDSignIn.sharedInstance().clientID = "XXXXXXXX";

        GIDSignIn.sharedInstance().serverClientID = "XXXXXXXXX"

        GIDSignIn.sharedInstance().uiDelegate = self




    }

I dont know whether this is token issue or something else.

Answer 1

The response we get is like below. I think Mobile service backend doesn't like issuer id: "https://accounts.google.com". It accepts accounts.google.com

{
 "iss": "https://accounts.google.com",
 "at_hash": "bGW4JYlbzO64NGLInOpKgg",
 "aud": "XXXXXX-XXXXXXX",
 "sub": "XXXXXXXXXX",
 "email_verified": "true",
 "azp": "XXXXXX-XXXXXXXXXXX",
 "hd": "techmorphosis.com",
 "email": "[email protected]",
 "iat": "1477398958",
 "exp": "1477402558",
 "name": "Anuj Mody",
 "given_name": "Anuj",
 "family_name": "Mody",
 "locale": "en",
 "alg": "RS256",
 "kid": "XXXXXXXXXXXX"
}

Answer 2

For google, you need both the id_token and the authorization_code:

let payload: [String: String] = ["id_token": user.authentication.idToken, "authorization_code": user.serverAuthCode]
    client.loginWithProvider("google", token: payload) { (user, error) in
        // ...
    }

Ref: https://docs.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-ios-how-to-use-client-library#a-namegoogle-sdkahow-to-authenticate-users-with-the-google-sign-in-sdk-for-ios