Google OAuth2 JWS API Compliance

Question

Google OAuth2 JWS API Compliance

Currently, Google provides https://www.googleapis.com/oauth2/v2/certs with the following certificate values

{
 "keys": [
  {
   "kty": "RSA",
   "alg": "RS256",
   "use": "sig",
   "kid": "90adc60c0f9f503265a5ebc2c404c88e59882083",
   "n": "u_EOLEKRMNuTA_UPh9R-LTQkF1TNGE6XRVbgvh081A5VtKNFe8b2CmoGvgrm_ochjX0robr8LwpOUSHO779yJANgvwuATHJ4SKYHzN2Gr0yBsC7MyL9CI_eXik4RGiNlEU6mgoy7GGnLtY5-A6OPo-I-4HEttP81LJrmSYh6Y2k=",
   "e": "AQAB"
  },
  {
   "kty": "RSA",
   "alg": "RS256",
   "use": "sig",
   "kid": "5886590f72b8e40668c55fa366c19efb2a22d635",
   "n": "x9mePRk3StM-Tg32S_E8OyBYD8uIHhPPa6U8jkHbpnRf2jEImk1ndIwIoJQCrHl1IsKpY1j81fyQKul0u1Frvb-LFGFVY3L7zSR4hnwzuU_05JtKZRfK-87Kj8JVMJbt34SKRmUitPH4QA23b6g-ORUMYjqWgNWufV6OPy8GYNE=",
   "e": "AQAB"
  }
 ]
}

I am trying to access the Google API using oic and jwkest and get an error

DeSerializationNotPossible: Not base64url encoded

The problem arises because the parameters of nboth keys end with a character =. IIUC, they must be Base64URL encoded according to the JSON Web Algorighms draft , and Base64URL will separate characters =according to the JSON Web Signature Project .

Python, , Google ? : ?

+4

google-oauth openid-connect google-openid jwe

Martin v. Löwis 14 . '14 22:09

1

Brian Campbell · Answer 1 · 2015-10-27T11:37:29+0000

, Google ( RFC) JWA JWS base64, base64url. , JWKS: https://www.googleapis.com/oauth2/v3/certs, , v2, . v3 , .

Google OAuth2 JWS API Compliance

More articles: