在Go中验证Google登录ID令牌 [英] Validating Google sign in ID token in Go

问题描述

我正在寻找一种方法来验证带有Go后端服务器项目的Android的Google登录的ID令牌.

I am finding the way to validate ID token for Google sign-in for Android with a Go backend server project.

在Go中使用Google API客户端库来验证ID令牌的等效功能是什么?

What is the equivalent function for validating ID tokens by using a Google API Client Library in Go?

此页面上的使用Google API客户端库部分

https://developers.google.com/identity/sign-in/android/backend-auth#using-a-google-api-client-library

有Java和Python示例，并且有用于使用PHP，Node.js和其他语言的Google API客户端库验证ID令牌的链接.我检查了我的目标语言；去这里

There are Java and Python examples and there are links for verify ID tokens with the Google API Client Library for PHP, Node.js, and other languages. I checked for my target language; Go here

https://github.com/google/google-api-go-client/blob/master/GettingStarted.md

但是，我发现Java和Python示例中没有等效的用于验证令牌的函数. Go中有执行此操作的功能吗?

However, I found not equivalent function for validating token like in Java and Python example. Is there any function in Go for doing such thing?

我不想使用令牌信息终结点

I don't want to use token info endpoint

https://www.googleapis.com/oauth2/v3/tokeninfo? id_token = XYZ123

因为它引入了可能的延迟和网络错误.我希望使用Google API客户端库.请指导我应该去哪里看看.

since it introduces possible latency and network error. I wish to use Google API Client Library. Please guide me where should I look into.

推荐答案

这就是我使用 https://github.com/google/google-api-go-client 库:

import (
    "google.golang.org/api/oauth2/v2"
    "net/http"
)

var httpClient = &http.Client{}

func verifyIdToken(idToken string) (*oauth2.Tokeninfo, error) {
    oauth2Service, err := oauth2.New(httpClient)
    tokenInfoCall := oauth2Service.Tokeninfo()
    tokenInfoCall.IdToken(idToken)
    tokenInfo, err := tokenInfoCall.Do()
    if err != nil {
        return nil, err
    }
    return tokenInfo, nil
}

oauth2.Tokeninfo对象具有有关用户的信息. 请注意，这会调用 https://www.googleapis.com/oauth2/v2/tokeninfo ，我认为所有Google API客户端库都会在后台进行此http调用.

oauth2.Tokeninfo object has info about the user. Note that this makes a call to https://www.googleapis.com/oauth2/v2/tokeninfo and I think that all Google API Client Libraries make this http call under the hood.

这篇关于在Go中验证Google登录ID令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！