I am integrating the Google Sign-in ability into a Rails-driven site. I follow the guide at https://developers.google.com/identity/sign-in/web/backend-auth , but I am having problems.
The main hang is Check integrity of the identifier paragraph . It describes a few steps to validate a JWT, and then points out:
Rather than writing your own code to complete these verification steps, we strongly recommend using the Google API client library for your platform or calling our tokeninfo verification tokeninfo .
I use the tokeninfo for debugging, but the documentation says:
[ tokeninfo ] is only suitable for deployments with less than 100 monthly active users, as well as for debugging and informational purposes.
...
Using one of the Google API client libraries is the recommended way to verify Google ID tokens in a production environment.
For Java, the Google API client library includes a GoogleIdTokenVerifier object that can validate id identifiers.
For Python, the verify_id_token function is verify_id_token .
I looked at the documents for the Google API Ruby gem API (currently in alpha) as well as google-auth-library-ruby , but could not find the equivalent functionality.
Is there an equivalent for Ruby?
Update:
It seems that https://code.google.com/p/google-id-token/ can do this; however, the project has not been updated since 2014.
I am looking for a supported project, preferably directly from Google.
therealrootuser
source share