I'm using the Sign in With Google button for authentication, as described on this site: https://developers.google.com/identity/gsi/web/guides/get-google-api-clientid

The frontend code looks like this:

window.onload = function () {
  google.accounts.id.initialize({
    client_id: "<my_client_id>",
    ux_mode: "redirect",
    login_uri: "https://my-app.netlify.app/auth/success"
  });

  google.accounts.id.renderButton(
    document.getElementById("buttonDiv"),
    { type: "button", theme: "filled_blue", size: "large" }
  );
};

I'm using the google-auth-library on my server to handle decoding the token in the redirect URI, like so:

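  // Setup assumed here; it is not shown in the original snippet.
  import { OAuth2Client } from 'google-auth-library';
  const client = new OAuth2Client(GOOGLE_CLIENT_ID);

  // Inside the POST handler for /auth/success:
  // read the form-encoded body and pull out the `credential` field.
  const body = await req.text();
  const params = new URLSearchParams(body);
  const token = params.get('credential');

  // Verify the ID token's signature and that its audience is this client ID.
  const ticket = await client.verifyIdToken({
    idToken: token,
    audience: GOOGLE_CLIENT_ID,
  });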

When developing on localhost, everything works correctly: after logging in with Google, it sends me to my /auth/success endpoint, and Google sends me a credential in the POST request that I can decode to access the payload.

When deploying my site to production though, I get the following error, which is caused by the verifyIdToken function:

{
"errorType": "Error",
"errorMessage": "The verifyIdToken method requires an ID Token",
"trace": [
"Error: The verifyIdToken method requires an ID Token",
"    at OAuth2Client2.verifyIdTokenAsync (/var/task/netlify/functions/entry.js:65347:17)",
"    at OAuth2Client2.verifyIdToken (/var/task/netlify/functions/entry.js:65342:23)",
"    at Module.post (/var/task/netlify/functions/entry.js:101420:31)",
"    at async renderEndpoint (/var/task/netlify/functions/entry.js:91062:10)",
"    at async call (/var/task/netlify/functions/entry.js:91704:20)",
"    at async App.callEndpoint_fn (/var/task/netlify/functions/entry.js:91891:18)",
"    at async Runtime.handler2 [as handler] (/var/task/netlify/functions/entry.js:99888:22)"
]
}

After doing some debugging, it seems that Google is not sending me the credential in the POST request to /auth/success.

In Google Cloud Platform, where I got my client ID etc. from, I've added my site to "Authorized JavaScript origins" as well as "Authorized Redirect URIs": my-app.netlify.app/auth/success, my-app.netlify.app/, and changed the publishing status to "in production". But still the authentication won't work.

Does anybody know what I'm doing wrong or what I'm overlooking?

Pazzle
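One way to guard the /auth/success handler before calling verifyIdToken, as an added example that is not part of the original post or of google-auth-library: it checks the request shape and the `g_csrf_token` double-submit cookie that Sign in with Google sends in redirect mode, and returns a reason code instead of passing a null token on. The names `parseCookies`, `extractCredential` and `demo`, and the sample requests, are constructed for illustration.

```javascript
// Added example. Helper names and sample requests are constructed.
function parseCookies(header) {
  const out = {};
  for (const part of (header || "").split(";")) {
    const i = part.indexOf("=");
    if (i > 0) out[part.slice(0, i).trim()] = part.slice(i + 1).trim();
  }
  return out;
}

// Takes the method, lower-cased header map and raw body of the request that
// reached the login_uri. Returns { ok: true, credential } or { ok: false, reason }.
function extractCredential({ method, headers, body }) {
  if (method !== "POST") return { ok: false, reason: "not-post" };
  const type = (headers["content-type"] || "").split(";")[0].trim().toLowerCase();
  if (type !== "application/x-www-form-urlencoded") {
    return { ok: false, reason: "unexpected-content-type" };
  }
  if (!body) return { ok: false, reason: "empty-body" };

  const params = new URLSearchParams(body);
  const credential = params.get("credential");
  if (!credential) return { ok: false, reason: "missing-credential" };

  // Double-submit cookie: the same g_csrf_token value must arrive in both
  // the Cookie header and the POST body.
  const bodyCsrf = params.get("g_csrf_token");
  const cookieCsrf = parseCookies(headers["cookie"])["g_csrf_token"];
  if (!bodyCsrf || !cookieCsrf || bodyCsrf !== cookieCsrf) {
    return { ok: false, reason: "csrf-mismatch" };
  }
  return { ok: true, credential };
}

// Constructed sample requests showing each outcome.
function demo() {
  const form = { "content-type": "application/x-www-form-urlencoded" };
  const samples = [
    { method: "POST", headers: { ...form, cookie: "g_csrf_token=abc123" },
      body: "credential=aaa.bbb.ccc&g_csrf_token=abc123" },
    { method: "GET", headers: {}, body: "" },
    { method: "POST", headers: form, body: "" },
    { method: "POST", headers: { ...form, cookie: "g_csrf_token=zzz" },
      body: "credential=aaa.bbb.ccc&g_csrf_token=abc123" },
  ];
  return samples.map((s) => {
    const r = extractCredential(s);
    return r.ok ? "ok" : r.reason;
  });
}
```

Logging the returned reason in production shows whether the request arrived as a POST with a form body at all, which separates a delivery problem from a token verification problem.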

0 Answers