drt12345678 2018-08-30 06:34
浏览 1284
已采纳

如何通过Google idToken获取userInfo

Now I hava a google Idtoken, I want to get the user information through the token, from this page I found how to verify and get the tokenInfo, Validating Google sign in ID token in Go but the tokenInfo doesn't contain user picture. what should I do to get the user information?

  • 写回答

1条回答 默认 最新

  • doumalu9257 2018-08-30 12:07
    关注

    id_token is a jwt. I first use validating-google-sign-in-id-token-in-go to check the token is vailed. 

    authService, err := oauth2.New(http.DefaultClient)
if err != nil {
    return err
}
// check token is valid
tokenInfoCall := authService.Tokeninfo()
tokenInfoCall.IdToken(idToken)
ctx, cancelFunc := context.WithTimeout(context.Background(), 1*time.Minute)
defer cancelFunc()
tokenInfoCall.Context(ctx)
tokenInfo, er := tokenInfoCall.Do()
if err != nil {
    // invalid token
}

    Then I parse the id_token as jwt, decode the payload to json.

    token, _, err := new(jwt.Parser).ParseUnverified(idToken, &TokenInfo{})
if tokenInfo, ok := token.Claims.(*TokenInfo); ok {
    return tokenInfo, nil
} else {
    // parse token.payload failed
}

// TokenInfo struct
type TokenInfo struct {
        Iss string `json:"iss"`
    // userId
    Sub string `json:"sub"`
    Azp string `json:"azp"`
    // clientId
    Aud string `json:"aud"`
    Iat int64  `json:"iat"`
    // expired time
    Exp int64 `json:"exp"`

    Email         string `json:"email"`
    EmailVerified bool   `json:"email_verified"`
    AtHash        string `json:"at_hash"`
    Name          string `json:"name"`
    GivenName     string `json:"given_name"`
    FamilyName    string `json:"family_name"`
    Picture       string `json:"picture"`
    Local         string `json:"locale"`
    jwt.StandardClaims
}

    the value like: 

    {
 // These six fields are included in all Google ID Tokens.
 "iss": "https://accounts.google.com",
 "sub": "110169484474386276334",
 "azp": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
 "aud": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
 "iat": "1433978353",
 "exp": "1433981953",

 // These seven fields are only included when the user has granted the "profile" and
 // "email" OAuth scopes to the application.
 "email": "testuser@gmail.com",
 "email_verified": "true",
 "name" : "Test User",
 "picture": "https://lh4.googleusercontent.com/-kYgzyAWpZzJ/ABCDEFGHI/AAAJKLMNOP/tIXL9Ir44LE/s99-c/photo.jpg",
 "given_name": "Test",
 "family_name": "User",
 "locale": "en"
}

    then I get the picture.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 Windows Script Host 无法找到脚本文件"C:\ProgramData\Player800\Cotrl.vbs”
  • ¥15 matlab自定义损失函数
  • ¥15 35114 SVAC视频验签的问题
  • ¥15 impedancepy
  • ¥15 求往届大挑得奖作品(ppt…)
  • ¥15 如何在vue.config.js中读取到public文件夹下window.APP_CONFIG.API_BASE_URL的值
  • ¥50 浦育平台scratch图形化编程
  • ¥20 求这个的原理图 只要原理图
  • ¥15 vue2项目中,如何配置环境,可以在打完包之后修改请求的服务器地址
  • ¥20 微信的店铺小程序如何修改背景图