4

I'm trying to do this:

https://developers.google.com/identity/sign-in/web/backend-auth#calling-the-tokeninfo-endpoint

I copy pasted the Java code from the example, with my CLIENT_ID, but I can't get any more information than user id, email and email verified. idTokenString verifies OK. Have anyone else got this to work?

I asked for these in OAuth 2.0 Playground:

https://www.googleapis.com/auth/plus.login

https://www.googleapis.com/auth/plus.me

https://www.googleapis.com/auth/userinfo.email

https://www.googleapis.com/auth/userinfo.profile

https://www.googleapis.com/auth/plus.moments.write

https://www.googleapis.com/auth/plus.profile.agerange.read

https://www.googleapis.com/auth/plus.profile.language.read

https://www.googleapis.com/auth/plus.circles.members.read

I guess the user.profile is the one i need only?

This is my code:

GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
                .setAudience(Arrays.asList(CLIENT_ID))
                .setIssuer("accounts.google.com")
                .build();

        GoogleIdToken idToken = verifier.verify(idTokenString);
        System.out.println("SUCCESS!");
        System.out.println(idToken);

        if (idToken != null) {
            GoogleIdToken.Payload payload = idToken.getPayload();

            // Print user identifier
            String userId = payload.getSubject();
            System.out.println("User ID: " + userId);

            // Get profile information from payload
            String email = payload.getEmail();
            boolean emailVerified = payload.getEmailVerified();
            String name = (String) payload.get("name");
            String pictureUrl = (String) payload.get("picture");
            String locale = (String) payload.get("locale");
            String familyName = (String) payload.get("family_name");
            String givenName = (String) payload.get("given_name");

            // Use or store profile information
            // ...
            System.out.println(email);
            System.out.println(emailVerified);
            System.out.println(name);
            System.out.println(pictureUrl);
            System.out.println(locale);
            System.out.println(familyName);
            System.out.println(givenName);


        } else {
            System.out.println("Invalid ID token.");
        }
    } catch (GeneralSecurityException | IOException e) {

        System.out.println("ERRRRO! Invalid ID token.");
    }

Using: java-api-client 1.20.0

Improve this question

1 Answer 1

Reset to default
3

I encountered the same issue today using com.google.api-client:google-api-client:1.22.0

But I was able to solve it.

Problem

When trying to get id token from OAuth2 playground I've noticed that there is this request

POST /oauth2/v4/token HTTP/1.1 Host: www.googleapis.com

The Google library has hard coded TOKEN_SERVER_URL in GoogleOAuthConstants with value https://accounts.google.com/o/oauth2/token

Fix

To fix it I've created following class

public class GoogleAuthorizationCodeTokenV4Request extends GoogleAuthorizationCodeTokenRequest {


    public GoogleAuthorizationCodeTokenV4Request(HttpTransport transport, JsonFactory jsonFactory, String clientId, String
            clientSecret, String code, String redirectUri) {
        super(transport, jsonFactory, "https://www.googleapis.com/oauth2/v4/token", clientId, clientSecret,
            code, redirectUri);
    }
}

And then just invoke it instead the original GoogleAuthorizationCodeTokenRequest

return new GoogleAuthorizationCodeTokenV4Request(new NetHttpTransport(), JacksonFactory.getDefaultInstance(),
                clientId, secret, authToken, callBack)
                .execute();

With profile scope all information (picture, names, ...) are in id_token

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Was wondering why all the auth code flows were not using this. Worked for me, thank you.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.