问题
We have an implementation of Google sign-in https://developers.google.com/identity/sign-in/web/backend-auth.
According to the documentation https://developers.google.com/identity/protocols/OpenIDConnect#obtainuserinfo and the best practice (from the first link), google user_id (sub) is a unique identifier, and it can't be changed.
sub> An identifier for the user, unique among all Google accounts and never reused. A Google account can have multiple emails at different points in time, but the sub value is never changed. Use sub within your application as the unique-identifier key for the user.
However, we experience the scenario when we have an account in our system with the email from id_token, but google user_id is different with which it was registered previously.
Question: how it can be? Can I trust email from id_token and link new google_user_id to the internal account?
来源:https://stackoverflow.com/questions/53421907/can-google-user-id-be-changed