mavmaso
How to test the google auth token
I already have google auth in my front(react) that returns to me:
access_token, expires_in, id_token, login_hint, scope, session_state.
All that data that google returns to my front. Now I just want to verify if this token its right. I know I can do it via this endpoint: https://oauth2.googleapis.com/tokeninfo?id_token=ID_TOKEN
But, it is another way via any hex ?
Most Liked
tangui
An ID Token is digitally signed and usually doesn’t require calling back a service to determine whether it is valid or not. Instead the signature can be verified locally, using the keys published by Google (see the jwks member of https://accounts.google.com/.well-known/openid-configuration).
There are some libraries such as JOSE, Joken or OpenIDConnect which can be used to verify the signature.
I have also not long ago released Plugoid which relies on the OIDC library, which has an ID Token verification function (OIDC.IDToken.verify/3).
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance









