Google Identity toolkit error on verifying IdToken (Client: Android, Backend: Node.js)

Time: 2015-12-10 01:59:09

Tags: javascript android node.js google-identity-toolkit json-web-token

I'm using the Google Identity Toolkit for Android to give the users of my app a way to register/login without remembering a new password and to save me the hassle of saving all passwords securely.

This is my code on Android, which basically sends the IdToken string with POST to my Node.js server. This works perfectly; the IdTokenString is sent to my server with https.

    // Step 1: Create a GitkitClient.
    // The configurations are set in the AndroidManifest.xml. You can also set or overwrite them
    // by calling the corresponding setters on the GitkitClient builder.
    //
    client = GitkitClient.newBuilder(this, new GitkitClient.SignInCallbacks() {
        // Implement the onSignIn method of GitkitClient.SignInCallbacks interface.
        // This method is called when the sign-in process succeeds. A Gitkit IdToken and the signed
        // in account information are passed to the callback.
        @Override
        public void onSignIn(IdToken idToken, GitkitUser user) {
            showProfilePage(idToken, user);
            // Now use the idToken to create a session for your user.
            // To do so, you should exchange the idToken for either a Session Token or Cookie
            // from your server.
            // Finally, save the Session Token or Cookie to maintain your user's session.

            final JSONObject sendJson = new JSONObject();
            try {
                sendJson.put("tokenString", idToken.getTokenString());
            } catch (JSONException ex) {
                ex.printStackTrace();
            }

            new AsyncTask<Void, Void, Void>() {

                @Override
                protected Void doInBackground(Void... arg) {
                    try {
                        //Retrieve the logintoken from the server
                        HttpUtils.postSecure(Util.Constants.httpsServerUrl + "/registerwithtoken", sendJson.toString().getBytes("UTF-8"));
                    } catch (IOException ex) {
                        ex.printStackTrace();
                    }
                    return null;
                }

                @Override
                protected void onPostExecute(Void nothing) {

                }
            }.execute();

On my Node.js server I retrieve the IdToken string with the following code:

function registerWithToken(req, res) {
    var tokenString = req.body.tokenString;
    if(typeof tokenString == "undefined") {
        res.status(500).send('Tokenstring is undefined!');
        // Stop here so a missing token is not decoded and a second response is not sent.
        return;
    }
    console.log("INCOMING REGISTER WITH TOKEN");
    console.log(req.body);

    var decodedJWT = jwt.decode(tokenString, {complete: true});
    var idToken = decodedJWT.payload.toString();
    console.log(idToken);


    gitkitClient.verifyGitkitToken(idToken, function (err, resp) {
        if (err) {
            console.log("INVALID TOKEN!! "+err);
            res.status(500).send('Invalid token: ' + err);
        } else {
            //valid token!
            console.log("VALID TOKEN SEND JWT BACK TO ANDROID");

        }
    });
}

My problem is now that the node.js gitkitClient always returns that the Token is invalid, but I don't know why.

My idToken seems to be correct:

  { iss: 'https://identitytoolkit.google.com/',
  aud: '*devConsoleNumbers*.apps.googleusercontent.com',
  iat: 1449712391,
  exp: 1450921991,
  user_id: '*numbers*',
  email: '*mail*',
  provider_id: 'google.com',
  verified: true,
  display_name: '*John Doe*' }

The error line prints to the console:

INVALID TOKEN!! Unable to verify the ID Token: Wrong number of segments in token: [object Object]

I have no idea why the verification is failing.

Is there a solution to this problem?

1 answer:

Answer 0 (score: 1)

gitkitClient.verifyGitkitToken() expects the raw token string as its first argument:

    gitkitClient.verifyGitkitToken(req.body.tokenString, function (err, resp) {...});
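The example below is added here and is not code from the question, the answer, or the gitkitclient library. It shows why the decoded payload fails with "Wrong number of segments" while the raw compact string verifies, and why claims should be read only after the signature check (`jwt.decode` parses a token without verifying it). The functions `makeSampleToken`, `verifyCompactJwt` and `tryVerify`, the locally generated RSA key, and the audience value are assumptions made so the example runs offline.

```javascript
const crypto = require('crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');

// Constructed sample: sign a Gitkit-shaped payload with a locally generated key.
function makeSampleToken(privateKey, payload) {
  const head = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  const sig = crypto.sign('RSA-SHA256', Buffer.from(head + '.' + body), privateKey);
  return head + '.' + body + '.' + b64url(sig);
}

// Hypothetical verifier: accepts only the raw compact string, checks the
// signature first, and returns claims only after that check passes.
function verifyCompactJwt(token, publicKey, expectedAud) {
  const segments = String(token).split('.');
  if (typeof token !== 'string' || segments.length !== 3) {
    throw new Error('Wrong number of segments in token: ' + token);
  }
  const [head, body, sig] = segments;
  const header = JSON.parse(Buffer.from(head, 'base64url').toString('utf8'));
  if (header.alg !== 'RS256') throw new Error('Unexpected alg: ' + header.alg);
  const ok = crypto.verify('RSA-SHA256', Buffer.from(head + '.' + body),
                           publicKey, Buffer.from(sig, 'base64url'));
  if (!ok) throw new Error('Bad signature');
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString('utf8'));
  if (claims.aud !== expectedAud) throw new Error('Wrong audience');
  if (claims.exp * 1000 <= Date.now()) throw new Error('Token expired');
  return claims;
}

// Returns the error message, or null when verification succeeds.
function tryVerify(token, publicKey, aud) {
  try { verifyCompactJwt(token, publicKey, aud); return null; }
  catch (e) { return e.message; }
}

// Constructed inputs: stand-in key pair, audience, and token.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const AUD = 'example.apps.googleusercontent.com';
const now = Math.floor(Date.now() / 1000);
const sample = makeSampleToken(privateKey, { aud: AUD, iat: now, exp: now + 3600 });
const decodedPayload = JSON.parse(Buffer.from(sample.split('.')[1], 'base64url').toString());

console.log(tryVerify(sample, publicKey, AUD));         // raw string: accepted
console.log(tryVerify(decodedPayload, publicKey, AUD)); // decoded object: rejected
```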