问题
I have implemented back-end which receives Google Sign In token from Android or iOS device and tries to verify it. Code has worked properly few months ago, it has not changed but recently it began to reject all tokens as invalid. When I try to repeat verification again with previously failed token after ~10s of its issue time, it begins to work and returns user information. Why does it happen?
try {
GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(new NetHttpTransport(), new JacksonFactory()).setIssuer(ISSUER).build();
GoogleIdToken idToken = verifier.verify(token);
if (idToken != null) {
Payload payload = idToken.getPayload();
ExternalUserInfo externalUserInfo = new ExternalUserInfo();
externalUserInfo.setId((String) payload.getSubject());
externalUserInfo.setName((String) payload.get("given_name"));
externalUserInfo.setFamilyName((String) payload.get("family_name"));
externalUserInfo.setEmail(payload.getEmail());
externalUserInfo.setLocale((String) payload.get("locale"));
externalUserInfo.setSystemId(AuthorizationMapper.TYPE_GOOGLE);
return externalUserInfo;
} else {
logger.debug("Invalid Google Sign in token " + token);
}
} catch (Exception e) {
logger.error("Error while getting Google Sign in user info for token " + token, e);
}
来源:https://stackoverflow.com/questions/38461832/google-sign-in-googleidtokenverifier-verifies-token-with-delay