In the HTML of my site, which I got from the docs here:
<script src="https://accounts.google.com/gsi/client"></script>
<div
id="g_id_onload"
data-client_id={googleClientID}
data-login_uri='https://mytestdomain.appspot.com/google'
data-return_uri={uri}
></div>
When the site loads, it shows me the prompt to continue with my Google account. I click "Continue", it shows that I am signed in, and the webhook does get called. I can get the g_csrf_token from the cookie, and then I try to verify it using google-auth-library as described here in the docs, which is linked from the one-tap docs here:

const { OAuth2Client } = require("google-auth-library");
...
app.post("/google", function(req, res) {
  // Value read from the g_csrf_token cookie and passed on as the ID token
  const idToken = req.cookies.g_csrf_token;
  const audience = process.env.GOOGLE_CLIENT_ID;
  const client = new OAuth2Client(audience);
  async function verify() {
    const ticket = await client.verifyIdToken({ idToken, audience });
    const payload = ticket.getPayload();
    const userid = payload["sub"];
    console.log('------------------ userid');
    console.log(userid);
  }
  verify().catch(console.error);
  res.status(200).send({ req });
});

The error I get is

Error: Wrong number of segments in token: 87ba1eb4d6261b6b
    at OAuth2Client.verifySignedJwtWithCertsAsync (/app/node_modules/google-auth-library/build/src/auth/oauth2client.js:525:19)
    at OAuth2Client.verifyIdTokenAsync (/app/node_modules/google-auth-library/build/src/auth/oauth2client.js:391:34)
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async verify (/app/server.js:71:20)

The docs do suggest that we should get the token as a POST parameter as well as in the cookie. I have checked req.body.credential, req.query.credential, and req.params.credential, but from the docs here:

After an ID token is returned from Google, it's submitted by an HTTP POST method request to your login endpoint with the parameter name credential.

In the HTML of my site, which I got from the docs here, I get the g_csrf_token cookie, but it is wrong!
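
An added example (not part of the original post and not google-auth-library code) of how a login endpoint can tell apart the two values Google sends: the g_csrf_token double-submit value, compared between cookie and POST body, and the credential POST parameter, which is the three-segment ID token that goes to verifyIdToken. The function names, the sample cookie and body, and the placeholder JWT are constructed; it assumes the handler has the raw application/x-www-form-urlencoded body and that the body also carries a g_csrf_token parameter, as Google's sign-in documentation describes.

```javascript
// Added example: helper names are hypothetical, not google-auth-library APIs.

// Constant-time string comparison, so the CSRF check does not leak a prefix match.
function safeEqual(a, b) {
  if (a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Pull one cookie value out of a raw Cookie header.
function readCookie(cookieHeader, name) {
  for (const part of (cookieHeader || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq !== -1 && part.slice(0, eq).trim() === name) return part.slice(eq + 1).trim();
  }
  return null;
}

// rawBody: the form-encoded body of the POST to the login endpoint (assumption).
function extractOneTapCredential(rawBody, cookieHeader) {
  const form = new URLSearchParams(rawBody);
  const csrfCookie = readCookie(cookieHeader, "g_csrf_token");
  const csrfBody = form.get("g_csrf_token");
  // Double-submit check: the cookie and body values must both exist and match.
  if (!csrfCookie || !csrfBody || !safeEqual(csrfCookie, csrfBody)) {
    return { ok: false, error: "csrf_mismatch" };
  }
  const credential = form.get("credential");
  if (!credential) return { ok: false, error: "missing_credential" };
  // A signed JWT is header.payload.signature; the CSRF token is a single segment,
  // which is what "Wrong number of segments in token" reports.
  if (credential.split(".").length !== 3) return { ok: false, error: "not_a_jwt" };
  return { ok: true, idToken: credential }; // hand idToken to client.verifyIdToken()
}

// Constructed sample request; "aaa.bbb.ccc" is a placeholder, not a real Google token.
const SAMPLE_COOKIE = "other=1; g_csrf_token=87ba1eb4d6261b6b";
const SAMPLE_BODY = "credential=aaa.bbb.ccc&g_csrf_token=87ba1eb4d6261b6b";
console.log(extractOneTapCredential(SAMPLE_BODY, SAMPLE_COOKIE));
```

The structural check only rejects values that cannot be a JWT; signature, audience and expiry are still verified by verifyIdToken.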