All geek questions in one place

Google endpoint doesn't return username anymore

I am using Google Login in my iOS app. Everything worked well until recently, when I noticed that the application no longer receives a username, only the email address is returned.

I get the token through the application that I send to my server, which I used to get full information by sending a request to this endpoint:

https://www.googleapis.com/oauth2/v1/tokeninfo?id_token=MYTOKEN

Now I get this answer:

 { "issuer": "https://accounts.google.com", "issued_to": "o37l8g.apps.googleusercontent.com", "audience": "o37l8g.apps.googleusercontent.com", "user_id": "113504", "expires_in": ​814, "issued_at": ​1452991611, "email": " myemail@gmail.com ", "email_verified": true }

I tried to use other endpoints, for example https://www.googleapis.com/oauth2/v1/tokeninfo?access_token= and https://www.googleapis.com/oauth2/v1/userinfo?access_token= , but none of They didn’t work.

I also tried with the playground, but I can’t find which endpoint to use, my area is well defined, and I see all permissions in the iOS application, but for some reason it still doesn’t return the username ... Any ideas?

+5
source share
2 answers

You should use access_token instead of id_token, so you can still request the tokeninfo endpoint for your token using:
https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=

But now you can also request other endpoints to access other information, for example, the name:
https://www.googleapis.com/plus/v1/people/me?access_token=

Check how you use the Google SignIn iOS SDK and make sure that you send the access_token command to your server instead of id_token.

Swift example:

  func signIn(signIn: GIDSignIn!, didSignInForUser user: GIDGoogleUser!, withError error: NSError!) { let token = user.authentication.accessToken // YES let token = user.authentication.idToken // Maybe NO ...
+3
source

According to OpenID Connect Documentation

For debugging purposes, you can use the Gookles tokeninfo endpoint. Suppose the value of your ID token is XYZ123. Then you will look for the URI https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=XYZ123 . If the token is valid, the response will be its decoded form of JSON.

As a result, you should use https://www.googleapis.com/oauth2/v3/tokeninfo?id_token= instead

Here is an example of the result:

 { "iss": "https://accounts.google.com", "at_hash": "q5xc...", "aud": "6043....apps.googleusercontent.com", "sub": "10983809...", "email_verified": "true", "azp": "6043....apps.googleusercontent.com", "email": " ...@gmail.com ", "iat": "1453101827", "exp": "1453105427", "name": "BNK", "picture": "https://lh6.googleusercontent.com/-XP8Sq0RiUvg/AAAAAAAAAAI/.../photo123.jpg", "given_name": "...", "family_name": "...", "locale": "en", "alg": "RS256", "kid": "411f5ba60aa6....ec50f90e8" }
+2
source

Source: https://habr.com/ru/post/1240782/

More articles:


All Articles