Verifying the authenticity of Google sign-in ID tokens is a crucial step for Go backend servers. This article provides a straightforward solution for this task using the Google API Client Library and showcases its simplicity in validating ID tokens.
To validate ID tokens using the Google API Client Library for Go, you can follow these steps:
Install the library:
go get google.golang.org/api/idtoken
Import the library and use the Validate function:
import (
"context"
"fmt"
idtoken "google.golang.org/api/idtoken/v2"
)
func main() {
ctx := context.Background()
tokenString := "<Your ID token>"
audience := "<Your web application client ID>"
payload, err := idtoken.Validate(ctx, tokenString, audience)
if err != nil {
panic(err)
}
fmt.Print(payload.Claims)
}Executing this code will generate an output similar to:
map[
aud:<Your web application client id>
azp:<Your android application client id>
email:<Authenticated user email>
email_verified:true
exp:<expire at>
family_name:<Authenticated user lastname>
given_name:<Authenticated user firstname>
iat:<issued at>
iss: <accounts.google.com or https://accounts.google.com>
locale:en
name:<Authenticated User fullname>
picture:<Authenticated User Photo URL>
sub: <Google Account ID [Use this to identify a id uniquely]>
]This output provides detailed information about the authenticated user, including their email, name, Google Account ID, and more. By validating the ID token efficiently using the Google API Client Library for Go, you can enhance the security and reliability of your authentication process.
The above is the detailed content of How to Validate Google Sign-In ID Tokens in Go?. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
