通過Php(Laravel)驗證Google ID令牌的完整性
[英]Verify the integrity of the Google ID token by Php (Laravel)
問題描述
我正在開發一個具有兩個方面的應用程序:移動端(IOS)和服務器端(PHP,Laravel 5.4)。 我正在使用Google自己的類來生成Google令牌,並將其以json格式發送到服務器。
我的Json看起來像這樣:
["name": "ali farhangmehr", "email": "ali.farhangmehr@gmail.com", "google_image_url": https://lh5.googleusercontent.com/-6KoifJgUUW0/AAAAAAAAAAI/AAAAAAAAA60/BbWD4fEDvHk/s100/photo.jpg, "googleToken": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjVlYTZiNzAzYjYzOTVmYzJlNWJkNmUzY2EwZjhiMzcxYTE0ODU5YjMifQ.eyJhenAiOiIyNTk3NjE1MTY5NjEtOXZ0Y3AyZnQ1dXZsaGJkdmxlM2lndDlsbDg3b3FwM2EuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiIyNTk3NjE1MTY5NjEtOXZ0Y3AyZnQ1dXZsaGJkdmxlM2lndDlsbDg3b3FwM2EuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDU4NzI5MzY5MDEzOTMwNjEyNTEiLCJlbWFpbCI6ImFsaS5mYXJoYW5nbWVockBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiYXRfaGFzaCI6IkN6S0htamlYOUhDM2JjaGZRTGJ3ZXciLCJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJpYXQiOjE1MDIwNDc4MjAsImV4cCI6MTUwMjA1MTQyMCwibmFtZSI6ImFsaSBmYXJoYW5nbWVociIsInBpY3R1cmUiOiJodHRwczovL2xoNS5nb29nbGV1c2VyY29udGVudC5jb20vLTZLb2lmSmdVVVcwL0FBQUFBQUFBQUFJL0FBQUFBQUFBQTYwL0JiV0Q0ZkVEdkhrL3M5Ni1jL3Bob3RvLmpwZyIsImdpdmVuX25hbWUiOiJhbGkiLCJmYW1pbHlfbmFtZSI6ImZhcmhhbmdtZWhyIiwibG9jYWxlIjoiZW4ifQ.fMbcS3axTumt1hW4_Fss3C3QfLc_Ohhqlj3XfRkDmXixOlnEAV-9GaxI-6IOl0bdh382rJd2Ign4Fjdw8dJ5kGNhMmci9sV-_G50FU3vNH60RptJ04QX7BGrfUOjCJIV5dARJqsCNwqVWItR1F5z-gz9WHA0YKAjMCTWMWSuF03O0yowqzPoajwBLk5VNGOk7Q9fRvKEG7tnTGkckCBSBwWa5KdYnQw-k1OGB9W7qjcQrCelPE8SPzR_GwhHNoAGTOpZXQQSoeDNad8JWbExGZ9MeBDRoaLfLIoV7NRrVaSEwc4wSmga-yqlqjhGaULcdUGOZOasbhDyl28ULEDK2w"]
到目前為止沒有問題。 然后,我必須檢查Google令牌是否有效,以便我可以注冊用戶或登錄電子郵件。這是Google自身與此文檔相關的鏈接https://developers.google.com/identity/sign-in/網絡/后端身份驗證
我遵循了所有內容,我的PHP代碼如下所示:
$input = $request->all();
$google_token = $input['google_token'] = $request->input('googleToken');
$client_id = $CLIENT_ID; //from my google console
$client=new Google_Client(['client_id' => $client_id]);
$payload=$client->verifyIdToken($google_token);
$client->verifyIdToken($google_token);
if ($payload) {
// do the login or register
} else {
return false;
}
並且每次我收到此錯誤:
(1/1) SignatureInvalidException
Signature verification failed
in JWT.php (line 112)
1 個解決方案
解決方案1
0 2017-10-28 18:56:01
這個問題是因為新的JWT for firebase只需在JWT上使用舊版本就可以了
composer require firebase/php-jwt:4.0
將 google 驗證簽名代碼 (kotlin) 轉換為 PHP (laravel)
[英]Convert google verify signature code (kotlin) to PHP (laravel)
如何從此Android應用獲取此Google登錄ID令牌以驗證服務器端?
[英]How can I get this Google Login ID Token from this Android app to verify server-side?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.