Validate Google OpenID Connect id_token Signature
How to validate the id_token signature received from Google OpenID Connect authentication response?
✍: FYIcenter.com
You can validate the "id_token" signature in your own code with these steps:
1. Extract the "kid" value from the "Header" component of the "id_token". It identifies the public key that the Google OpenID Connect service used to sign the "id_token". The "kid" value replaces the "x5t" value, so stop using "x5t".
Header = { "alg": "RS256", "kid": "08d3245c62f86b6362afcbbffe1d069826dd1dc1", "typ": "JWT" }
2. Get the certificates of all Google public keys from https://www.googleapis.com/oauth2/v1/certs. This URL is included in the metadata document in your application registration.
{ "b15a2b8f7a6b3f6bc08bc1c56a88410e146d01fd": "-----BEGIN CERTIFICATE-----\nMIIDJjCCAg6gAwIBAgIIM7dsQ7...", "08d3245c62f86b6362afcbbffe1d069826dd1dc1": "-----BEGIN CERTIFICATE-----\nMIIDJjCCAg6gAwIBAgIIGGqu9B..." }
3. Find the certificate of the public key that matches the "kid" value from the id_token.
4. Validate the "Signature" component of the "id_token" with this public key certificate.
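The four steps above as an added Python example (not FYIcenter's or Google's code), using only the standard library to show the RS256 check itself. It assumes the certificate matched by "kid" has already been parsed into its RSA modulus and exponent; `verify_id_token`, `make_demo_token` and the demo key are hypothetical names and constructed values so that it runs offline.

```python
import base64, hashlib, hmac, json

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
def b64url_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def emsa_pkcs1_v15(msg, k):
    # 0x00 0x01 FF..FF 0x00 DigestInfo, padded to the modulus length k
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def verify_id_token(token, keys):
    """keys maps kid -> (n, e); returns the claims or raises ValueError."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        alg, kid = header["alg"], header["kid"]          # step 1
        sig = b64url_decode(sig_b64)
    except Exception as exc:
        raise ValueError("malformed token") from exc
    if alg != "RS256":                 # pin the algorithm, never accept "none"
        raise ValueError("unexpected alg")
    if not isinstance(kid, str) or kid not in keys:      # step 3
        raise ValueError("unknown kid")
    n, e = keys[kid]
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        raise ValueError("bad signature")
    # Step 4: RSA public operation, then compare with the expected encoding
    expected = emsa_pkcs1_v15(f"{head_b64}.{body_b64}".encode(), k)
    if not hmac.compare_digest(pow(s, e, n).to_bytes(k, "big"), expected):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(body_b64))

# Constructed demo key (two Mersenne primes, insecure) so the example runs offline
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8
KID = "08d3245c62f86b6362afcbbffe1d069826dd1dc1"         # kid shown on the page

def make_demo_token(claims, kid=KID):
    head = b64url_encode(json.dumps({"alg": "RS256", "kid": kid, "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    m = int.from_bytes(emsa_pkcs1_v15(f"{head}.{body}".encode(), K), "big")
    return f"{head}.{body}.{b64url_encode(pow(m, D, N).to_bytes(K, 'big'))}"
```

The check rejects any "alg" other than RS256 and any "kid" that is not in the fetched key set before it touches the signature, so a token cannot choose how it is verified.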
2019-02-05