stackoom
  简体   繁体   中英

Unable to verify the ID Token: jwt.split is not a function

 原文  2016-06-27 14:19:59       javascript/ node.js/ identity/ gitkit

Question

I am trying to verify Google ID Token on Node.js server.

I am getting this error:

Unable to verify the ID Token: jwt.split is not a function

Here is the link of code that I am following from Google's official documentation:

Google Identity Toolkit Node

2 answers

solution1
 1  2016-06-27 15:09:08

Looks like you need to install a jwt framework like this or this .
I believe that you need the first link for the server and possible the second link for the website (more info on the website here ).

solution2
 0  2019-01-06 20:00:18

In my scenario, locally it worked like a charm, but inside AWS lambda, it caused the same error reported, so I've endup using this URL and Axios(you can use any HTTP client) to check the token validity and domain of the user:

https://www.googleapis.com/oauth2/v3/tokeninfo?id_token= {id_token}

This is the idea:

//googleTokenValidatorService
const ENV = require('../config.json');
const AXIOS = require('axios');
function getToken(token) {
  return AXIOS.get(ENV.GOOGLE_VALIDATION_URL + token)
}

function validate(token){
  return new Promise((resolve, reject) => { 
    getToken(token)
      .then(
        (response) => {
          if(isTokenOk(response.data)){
            resolve(response.data)
          }else{
            reject({status:401, message:"You do not have permission to access this resource."})
          }
        },
        (error) => {
          console.log("--- status  " + error.response.status + " with token")
          console.log(token)
          reject({status:401, message:"Invalid google token."}) 
        }
      )
  })
}

const acceptableHds = new Set(
  ['validDomain1.com', 'validDomain2.com']
);

const acceptableClientIDs = new Set(
  [ENV.CLIENT_ID_WEB,ENV.CLIENT_ID_IOS, ENV.CLIENT_ID_ANDROID]
)

function isTokenOk(payload){
  return payload &&
    new Date(payload.exp * 1000) > new Date() &&
    acceptableClientIDs.has(payload.aud) &&
    acceptableHds.has(payload.hd)
}

module.exports = { 
  validate
}

And then used it to validate before executing some action:

    //some other file
return googleUserValidator.validate(request.headers.token)
.then(productService.getProductDetails.bind({id:request.pathParams.id}))
                    .then(OK)
                    .catch(SERVER_ERROR);

It was enough for me, hope it helps someone.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question TypeError: jwt.split is not a function at OAuth2Client.verifySignedJwtWithCertsAsync Node package: google-auth-library Verify if Token JWT is valid NodeJS: Unable to verify JWT with Okta JWT Verifier how to verify jwt token in nodejs / never expire? Storing JWT token ID in $rootScope Verify Token generated in C# with System.IdentityModel.Tokens.Jwt Verify Google ID Token with Node js Verify ID Token provided by Google with Firebase in Expo How to send and verify refresh token after expiration of jwt token without refreshing page Not getting "email" from firebase verify id token using google sign in
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM