• Stars
    star
    4
  • Rank 3,303,977 (Top 66 %)
  • Language
    Erlang
  • License
    MIT License
  • Created about 8 years ago
  • Updated over 6 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Google ID token verifier for Erlang

Google ID Token Verifier - Erlang

Build Status Hex.pm

An Erlang application that verifies the integrity of Google ID tokens in accordance with Google's criterias.

Google ID tokens are JWT web tokens passed by clients applications who authenicated to Google Identity Platform

OTP Version

Required: OTP 18 and later

Setup

This application can be downloaded as a dependency from Hex

{deps, [
  {google_token, "1.0.5"}
]}. 

Start google_token in your application's .app.src file

{applications, [
  kernel,
  stdlib,
  crypto,
  ssl,
  inets,
  google_token  
]}.

NOTE: The applications crypto, ssl, and inets must be started first

Usage

Once started, google_token can be used by calling either validate/1 or validate/2

IdToken = <<"eyJhbGciOiJSUzI1NiIsImtpZCI6IjcxMjY3OWMzMzVmMWQyZGIxM2FkZTQ0N2NlYjY2NThkM2QwZWExZWIifQ....">>,
{valid, Claims} = google_token:validate(IdToken).

It's necessary to check the aud claim against your own client ID. You can do this manually by yourself, or you can pass a list of IDs as the second parameter of validate/2

IdToken = <<"eyJhbGciOiJSUzI1NiIsImtpZCI6IjcxMjY3OWMzMzVmMWQyZGIxM2FkZTQ0N2NlYjY2NThkM2QwZWExZWIifQ....">>,
Ids = [<<"...apps.googleusercontent.com">>],
{valid, Claims} = google_token:validate(IdToken, Ids).

Implementation based on: https://developers.google.com/identity/sign-in/web/backend-auth