How does the Google authentication work?

rwwwwwwww · November 29, 2021, 8:17am

Basically when I sent an authentication using a Google token, how does nakama verify that token is legit? Does it actually verify it through some api that connects back to Google’s servers?

mofirouz · November 29, 2021, 9:40am

You can view the source code:

github.com

heroiclabs/nakama/blob/master/social/social.go#L276

    
      
          
          
	err = signingMethod.Verify(payloadBase64, signatureBase64, []byte(appSecret))
          	if err != nil {
          		return "", err
          	}
          
          
	return payload.PlayerID, nil
          }
          
          
// CheckGoogleToken extracts the user's Google Profile from a given ID token.
          func (c *Client) CheckGoogleToken(ctx context.Context, idToken string) (*GoogleProfile, error) {
          	c.logger.Debug("Checking Google ID", zap.String("idToken", idToken))
          
          
	c.googleMutex.RLock()
          	if c.googleCertsRefreshAt < time.Now().UTC().Unix() {
          		// Release the read lock and perform a certificate refresh.
          		c.googleMutex.RUnlock()
          		c.googleMutex.Lock()
          		if c.googleCertsRefreshAt < time.Now().UTC().Unix() {
          			certs := make(map[string]string, 3)
          			err := c.request(ctx, "google cert", "https://www.googleapis.com/oauth2/v1/certs", nil, &certs)

Topic		Replies	Views
Google Play Games Token (502 error) Runtime Framework authentication	1	18	April 5, 2024
Authentication or SignIn with Google new PlayGamesServices 0.11.01 Client Libraries authentication	9	814	October 16, 2023
Authenticating user via google game services: Unauthorized Local Setup authentication	12	3633	July 22, 2019
AuthenticateGoogleAsync fails with Google Play 0.11.01 in Unity Client Libraries	3	428	March 17, 2023
Could not authenticate google profile Client Libraries getting-started	1	297	May 17, 2023

How does the Google authentication work?

Related Topics