In the HTML of my website I have this, which I got from the docs here:

```html
<script src="https://accounts.google.com/gsi/client"></script>
<div id="g_id_onload"
     data-client_id={googleClientID}
     data-login_uri='https://mytestdomain.appspot.com/google'
     data-return_uri={uri}>
</div>
```
When the website loads, it shows me the prompt to continue with my Google account. I click "Continue", it shows that I'm signed in, and the webhook does get called. I can get `g_csrf_token` from the cookies, and then I try to verify it using google-auth-library, as described here in the docs, which is linked from the one-tap docs here:

```javascript
const { OAuth2Client } = require("google-auth-library");
...
app.post("/google", function(req, res) {
  const idToken = req.cookies.g_csrf_token;
  const audience = process.env.GOOGLE_CLIENT_ID;
  const client = new OAuth2Client(audience);
  async function verify() {
    const ticket = await client.verifyIdToken({ idToken, audience });
    const payload = ticket.getPayload();
    const userid = payload["sub"];
    console.log('------------------ userid');
    console.log(userid);
  }
  verify().catch(console.error);
  res.status(200).send({ req });
});
```

The error I get is:

```
Error: Wrong number of segments in token: 87ba1eb4d6261b6b
    at OAuth2Client.verifySignedJwtWithCertsAsync (/app/node_modules/google-auth-library/build/src/auth/oauth2client.js:525:19)
    at OAuth2Client.verifyIdTokenAsync (/app/node_modules/google-auth-library/build/src/auth/oauth2client.js:391:34)
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async verify (/app/server.js:71:20)
```
The docs do suggest we should be getting the token as a POST parameter as well as in the cookie. I have checked `req.body.credential`, `req.query.credential` and `req.params.credential`, but from the docs here:

> After an ID token is returned from Google, it's submitted by an HTTP POST method request to your login endpoint with the parameter name credential.
In the HTML of the website, I got the `g_csrf_token` cookie from the docs here, but this is wrong!
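
The handling that the quoted documentation points to, as an added example that is not part of the original post: take the ID token from the `credential` POST parameter and use `g_csrf_token` only for the double-submit CSRF comparison between cookie and body. The function names are hypothetical, the sample token is constructed, and parsed cookies and a parsed form-encoded body are assumed.

```javascript
// Added example, not the original poster's code. Function names are hypothetical.
const JWT_SEGMENT = /^[A-Za-z0-9_-]+$/; // base64url alphabet
const fail = (reason) => ({ ok: false, status: 400, reason });

// verifyIdToken expects a compact JWT: header.payload.signature (3 segments).
function countSegments(value) {
  return typeof value === "string" && value.length > 0 ? value.split(".").length : 0;
}

// cookies: parsed request cookies; body: parsed form-encoded POST body
// (assumption: cookie and urlencoded body parsers are installed).
// Returns { ok: true, idToken } or { ok: false, status, reason }.
function extractOneTapCredential(cookies = {}, body = {}) {
  // Double-submit check: the same g_csrf_token must arrive in cookie and body.
  if (!cookies.g_csrf_token) return fail("no g_csrf_token cookie");
  if (!body.g_csrf_token) return fail("no g_csrf_token in POST body");
  if (cookies.g_csrf_token !== body.g_csrf_token) return fail("g_csrf_token mismatch");

  // The ID token is the separate `credential` parameter, never the CSRF value.
  const idToken = body.credential;
  if (typeof idToken !== "string" || idToken === "") return fail("no credential in POST body");
  const parts = idToken.split(".");
  if (parts.length !== 3 || !parts.every((p) => JWT_SEGMENT.test(p))) {
    return fail("credential is not a three-segment JWT");
  }
  // Shape only: the caller must still pass idToken to
  // client.verifyIdToken({ idToken, audience }) to check signature and audience.
  return { ok: true, idToken };
}

// Constructed sample token (unsigned, shape only) for the demo below.
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64")
  .replace(/=+$/, "").replace(/\+/g, "-").replace(/\//g, "_");
const SAMPLE_ID_TOKEN =
  [b64url({ alg: "RS256" }), b64url({ sub: "constructed-user" }), "c2lnbmF0dXJl"].join(".");
const CSRF = "87ba1eb4d6261b6b"; // the value quoted in the error message above

// One segment, so the library reports "Wrong number of segments".
console.log("segments in cookie value:", countSegments(CSRF));
console.log(extractOneTapCredential(
  { g_csrf_token: CSRF }, { g_csrf_token: CSRF, credential: SAMPLE_ID_TOKEN }));
// Body never parsed (undefined): the check reports what is missing.
console.log(extractOneTapCredential({ g_csrf_token: CSRF }, undefined));
```

If the result for a real request is "no g_csrf_token in POST body", the form body is not reaching the handler parsed, which would also leave `req.body.credential` empty.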