The task is to verify the JWT certificate in the identifier token. There is currently no library that I know that can do this, which does not require .Net 4.5, and until there is a solution to test JWT in .NET 4.0, there will be no easy solution.
However, if you have an access token, you can look at the verification using oauth2.tokeninfo . To perform a basic check using token data, you can do something like the following:
// Use Tokeninfo to validate the user and the client. var tokeninfo_request = new Oauth2Service().Tokeninfo(); tokeninfo_request.Access_token = _authState.AccessToken; var tokeninfo = tokeninfo_request.Fetch(); if (userid == tokeninfo.User_id && tokeninfo.Issued_to == CLIENT_ID) { // Basic validation succeeded } else { // The credentials did not match. }
The information returned by the Google OAuth2 API tells you more information about a specific token, such as the identifier of the client that was issued and its expiration time.
Note You should not skip the access token, but instead, do this check after exchanging a one-time code to obtain an access token.
class
source share