Menu
I am integrating Google Sign-in capability to a Rails driven site. I am following the guide at https://developers.google.com/identity/sign-in/web/backend-auth, but I have run into a few problems.
The main hangup is the Verify the integrity of the ID token paragraph. It outlines several steps to verifying the JWT, and then states:
Rather than writing your own code to perform these verification steps, we strongly recommend using a Google API client library for your platform, or calling our
tokeninfovalidation endpoint.
I have been using the tokeninfo endpoint for debugging, but the documentation states:
[the
tokeninfoendpoint] is suitable only for deployments with fewer than 100 monthly active users, as well as for debugging and informational purposes....
Using one of the Google API Client Libraries is the recommended way to validate Google ID tokens in a production environment.
For Java, the Google API Client library includes a GoogleIdTokenVerifier object that can verifiy id tokens.
For Python, a verify_id_token function is provided.
I have searched through the docs for the Google Client API Ruby gem (currently in alpha) as well as the google-auth-library-ruby gem but have not been able find equivalent functionality.
Is there an equivalent of these for Ruby ?
Update:
It appears that https://code.google.com/p/google-id-token/ may do this; however, the project has not been updated since 2014.
I am looking for a maintained project, preferably directly from Google.
567
The id_token is used in OpenID Connect protocol, where the user is authenticated as well as authorized. (There's an important distinction between authentication and authorization.) You will get id_token and access_token. The id_token value contains the information about the user's authentication.
The repository has moved here: https://github.com/google/google-id-token
Looks to be actively maintained.
170
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
