验证.Net后端服务器中的Google ID令牌 [英] Validate Google ID Token in a .Net backend server

问题描述

所以，我有一个Java脚本和一个.NET后端.在Javascript中，当用户登录时，我会获取Google ID令牌，我想将其传递给后端，并且: 1)验证令牌 2)提取电子邮件，用户名等.

So, I have a Java-script and a .NET backend. In the Javascript i fetch the Google ID token when the user log in and the I would like to pass this to the backend and: 1) Validate the token 2) Extract the email, username etc.

这在Java文档中进行了解释: https://developers.google.com/identity/sign-in/web/backend-auth

This is explained in documentation for java: https://developers.google.com/identity/sign-in/web/backend-auth

主要是:

GoogleIdToken idToken = verifier.verify(idTokenString);

GoogleIdToken idToken = verifier.verify(idTokenString);

并且:

字符串email = payload.getEmail();

String email = payload.getEmail();

在Java中是如此简单！但是在.NET中该怎么办?我找不到文档！我找到了以下线程，但似乎是一个非常复杂的解决方案.那真的是最简单的方法吗?

So simple in Java! But what to do in .NET? I cannot find the documentation! I found the following thread, but it seems like a quite complicated solution. Is that really the most easy way?

干杯， 马蒂亚斯(Mattias)

Cheers, Mattias

推荐答案

您可能想要

You probably want GoogleJsonWebSignature.ValidateAsync(...).

这提供了与您发布的Java几乎相同的行为. 唯一缺少的功能是检查令牌的读者字段(此遗漏是由于跟踪问题

This provides almost the same behaviour as the Java you posted. The only missing functionality is to check the audience field of the token (This omission is tracked issue #1042).

这篇关于验证.Net后端服务器中的Google ID令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！