hanshsieh/VerifyIdToken.java

## google-sign-in-client-render-ui.html
<html>
    <head>
        <script src="https://apis.google.com/js/platform.js" async defer></script>
        <script type="text/javascript">
            function init() {
                gapi.load('auth2', function() {
                    auth2 = gapi.auth2.init({
                        client_id: 'XXXXXXXXX.apps.googleusercontent.com',
                        fetch_basic_profile: false,
                        scope: 'profile'
                    });
                    gapi.signin2.render("g-signin-btn", {
                            scope: 'email',
                            width: 200,
                            height: 50,
                            longtitle: false,
                            theme: 'dark',
                            onsuccess: onSignIn,
                            onfailure: null
                        });
                });
            }
            function onSignIn(googleUser) {
                console.log("on sign in, granted scopes: " + googleUser.getGrantedScopes());
                console.log("ID token: " + googleUser.getAuthResponse().id_token);
                var profile = googleUser.getBasicProfile();
                var message = 'ID: ' + profile.getId() + "\n"
                    + 'Name: ' + profile.getName() + "\n"
                    + 'Image URL: ' + profile.getImageUrl() + "\n"
                    + 'Email: ' + profile.getEmail();
                document.getElementById("message").value = message;
                setProfileImage(profile.getImageUrl());
            }
            function signOut() {
                var auth2 = gapi.auth2.getAuthInstance();
                auth2.signOut().then(function () {
                    console.log("on sign out");
                    setMessage("User signed out");
                    setProfileImage(null);
                });
            }
            function disconnect() {
                console.log("on disconnect");
                var auth2 = gapi.auth2.getAuthInstance();
                if (!auth2.isSignedIn.get()) {
                    setMessage("Not signed in, cannot disconnect");
                    return;
                }
                auth2.disconnect();
                setProfileImage(null);
                setMessage("Disconnected");
            }
            function setMessage(message) {
                document.getElementById("message").value = message;
            }
            function setProfileImage(srcUrl) {
                var element = document.getElementById("profileImage");
                if (srcUrl == null) {
                    element.style.display = "none";
                    element.src = "";
                } else {
                    element.style.display = "block";
                    element.src = srcUrl;
                }
            }
        </script>
    </head>
    <body onload="init()">
        <div id="g-signin-btn"></div>
        <div><a href="#" onclick="signOut();">Sign out</a></div>
        <div><a href="#" onclick="disconnect();">Disconnect</a></div>
        <div><img id="profileImage" src="" /></div>
        <textarea id="message" cols="80" rows="10"></textarea>
    </body>
</html>

## google-sign-in-client.html
<html>
	<head>
		<meta name="google-signin-client_id" content="XXXXXXX.apps.googleusercontent.com">
		<script src="https://apis.google.com/js/platform.js" async defer></script>
        <script type="text/javascript">
			function onSignIn(googleUser) {
                console.log("on sign in");
			    var profile = googleUser.getBasicProfile();
                var message = 'ID: ' + profile.getId() + "\n"
                    + 'Name: ' + profile.getName() + "\n"
                    + 'Image URL: ' + profile.getImageUrl() + "\n"
                    + 'Email: ' + profile.getEmail();
                document.getElementById("message").value = message;
                setProfileImage(profile.getImageUrl());
			}
			function signOut() {
				var auth2 = gapi.auth2.getAuthInstance();
				auth2.signOut().then(function () {
                    console.log("on sign out");
                    setMessage("User signed out");
                    setProfileImage(null);
				});
		    }
            function disconnect() {
                console.log("on disconnect");
				var auth2 = gapi.auth2.getAuthInstance();
                if (!auth2.isSignedIn.get()) {
                    setMessage("Not signed in, cannot disconnect");
                    return;
                }
                auth2.disconnect();
                setProfileImage(null);
                setMessage("Disconnected");
            }
            function setMessage(message) {
                document.getElementById("message").value = message;
            }
            function setProfileImage(srcUrl) {
                var element = document.getElementById("profileImage");
                if (srcUrl == null) {
                    element.style.display = "none";
                    element.src = "";
                } else {
                    element.style.display = "block";
                    element.src = srcUrl;
                }
            }
        </script>
	</head>
	<body>
		<div class="g-signin2" data-onsuccess="onSignIn"></div>
		<div><a href="#" onclick="signOut();">Sign out</a></div>
		<div><a href="#" onclick="disconnect();">Disconnect</a></div>
        <div><img id="profileImage" src="" /></div>
        <textarea id="message" cols="80" rows="10"></textarea>
	</body>
</html>

## VerifyIdToken.java
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.http.apache.ApacheHttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.jackson2.JacksonFactory;
import java.util.Collections;

/**
 * Hello world!
 *
 */
public class VerifyIdToken
{
    private static final String CLIENT_ID = "XXXXXXX.apps.googleusercontent.com";

    public static void main( String[] args ) throws Exception
    {
        new App();
    }

    public App() throws Exception {
        HttpTransport transport = new ApacheHttpTransport();
        JsonFactory jsonFactory = new JacksonFactory();
        GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
                .setAudience(Collections.singletonList(CLIENT_ID))
                // Or, if multiple clients access the backend:
                //.setAudience(Arrays.asList(CLIENT_ID_1, CLIENT_ID_2, CLIENT_ID_3))
                .build();
        String idTokenString = "my_token";
        GoogleIdToken idToken = null;
        for (int i = 0; i < 10; ++i) {
            idToken = verifier.verify(idTokenString);
        }
        if (idToken != null) {
            GoogleIdToken.Payload payload = idToken.getPayload();

            // Print user identifier
            String userId = payload.getSubject();

            // Get profile information from payload
            String email = payload.getEmail();
            Boolean emailVerified = payload.getEmailVerified();
            String name = (String) payload.get("name");
            String pictureUrl = (String) payload.get("picture");
            String locale = (String) payload.get("locale");
            String familyName = (String) payload.get("family_name");
            String givenName = (String) payload.get("given_name");

            System.out.println("User ID: " + userId);
            System.out.println("Email: " + email);
            System.out.println("Email verified: " + emailVerified);
            System.out.println("Name: " + name);
            System.out.println("Picture URL: " + pictureUrl);
            System.out.println("Locale: " + locale);
            System.out.println("Family name: " + familyName);
            System.out.println("Given name: " + givenName);
        } else {
            System.out.println("Invalid ID token.");
        }
    }
}
	<html>
	<head>
	<script src="https://apis.google.com/js/platform.js" async defer></script>
	<script type="text/javascript">
	function init() {
	gapi.load('auth2', function() {
	auth2 = gapi.auth2.init({
	client_id: 'XXXXXXXXX.apps.googleusercontent.com',
	fetch_basic_profile: false,
	scope: 'profile'
	});
	gapi.signin2.render("g-signin-btn", {
	scope: 'email',
	width: 200,
	height: 50,
	longtitle: false,
	theme: 'dark',
	onsuccess: onSignIn,
	onfailure: null
	});
	});
	}
	function onSignIn(googleUser) {
	console.log("on sign in, granted scopes: " + googleUser.getGrantedScopes());
	console.log("ID token: " + googleUser.getAuthResponse().id_token);
	var profile = googleUser.getBasicProfile();
	var message = 'ID: ' + profile.getId() + "\n"
	+ 'Name: ' + profile.getName() + "\n"
	+ 'Image URL: ' + profile.getImageUrl() + "\n"
	+ 'Email: ' + profile.getEmail();
	document.getElementById("message").value = message;
	setProfileImage(profile.getImageUrl());
	}
	function signOut() {
	var auth2 = gapi.auth2.getAuthInstance();
	auth2.signOut().then(function () {
	console.log("on sign out");
	setMessage("User signed out");
	setProfileImage(null);
	});
	}
	function disconnect() {
	console.log("on disconnect");
	var auth2 = gapi.auth2.getAuthInstance();
	if (!auth2.isSignedIn.get()) {
	setMessage("Not signed in, cannot disconnect");
	return;
	}
	auth2.disconnect();
	setProfileImage(null);
	setMessage("Disconnected");
	}
	function setMessage(message) {
	document.getElementById("message").value = message;
	}
	function setProfileImage(srcUrl) {
	var element = document.getElementById("profileImage");
	if (srcUrl == null) {
	element.style.display = "none";
	element.src = "";
	} else {
	element.style.display = "block";
	element.src = srcUrl;
	}
	}
	</script>
	</head>
	<body onload="init()">
	<div id="g-signin-btn"></div>
	<div><a href="#" onclick="signOut();">Sign out</a></div>
	<div><a href="#" onclick="disconnect();">Disconnect</a></div>
	<div><img id="profileImage" src="" /></div>
	<textarea id="message" cols="80" rows="10"></textarea>
	</body>
	</html>
	<html>
	<head>
	<meta name="google-signin-client_id" content="XXXXXXX.apps.googleusercontent.com">
	<script src="https://apis.google.com/js/platform.js" async defer></script>
	<script type="text/javascript">
	function onSignIn(googleUser) {
	console.log("on sign in");
	var profile = googleUser.getBasicProfile();
	var message = 'ID: ' + profile.getId() + "\n"
	+ 'Name: ' + profile.getName() + "\n"
	+ 'Image URL: ' + profile.getImageUrl() + "\n"
	+ 'Email: ' + profile.getEmail();
	document.getElementById("message").value = message;
	setProfileImage(profile.getImageUrl());
	}
	function signOut() {
	var auth2 = gapi.auth2.getAuthInstance();
	auth2.signOut().then(function () {
	console.log("on sign out");
	setMessage("User signed out");
	setProfileImage(null);
	});
	}
	function disconnect() {
	console.log("on disconnect");
	var auth2 = gapi.auth2.getAuthInstance();
	if (!auth2.isSignedIn.get()) {
	setMessage("Not signed in, cannot disconnect");
	return;
	}
	auth2.disconnect();
	setProfileImage(null);
	setMessage("Disconnected");
	}
	function setMessage(message) {
	document.getElementById("message").value = message;
	}
	function setProfileImage(srcUrl) {
	var element = document.getElementById("profileImage");
	if (srcUrl == null) {
	element.style.display = "none";
	element.src = "";
	} else {
	element.style.display = "block";
	element.src = srcUrl;
	}
	}
	</script>
	</head>
	<body>
	<div class="g-signin2" data-onsuccess="onSignIn"></div>
	<div><a href="#" onclick="signOut();">Sign out</a></div>
	<div><a href="#" onclick="disconnect();">Disconnect</a></div>
	<div><img id="profileImage" src="" /></div>
	<textarea id="message" cols="80" rows="10"></textarea>
	</body>
	</html>
	import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
	import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
	import com.google.api.client.http.HttpTransport;
	import com.google.api.client.http.apache.ApacheHttpTransport;
	import com.google.api.client.json.JsonFactory;
	import com.google.api.client.json.jackson2.JacksonFactory;
	import java.util.Collections;

	/**
	* Hello world!
	*
	*/
	public class VerifyIdToken
	{
	private static final String CLIENT_ID = "XXXXXXX.apps.googleusercontent.com";

	public static void main( String[] args ) throws Exception
	{
	new App();
	}

	public App() throws Exception {
	HttpTransport transport = new ApacheHttpTransport();
	JsonFactory jsonFactory = new JacksonFactory();
	GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
	.setAudience(Collections.singletonList(CLIENT_ID))
	// Or, if multiple clients access the backend:
	//.setAudience(Arrays.asList(CLIENT_ID_1, CLIENT_ID_2, CLIENT_ID_3))
	.build();
	String idTokenString = "my_token";
	GoogleIdToken idToken = null;
	for (int i = 0; i < 10; ++i) {
	idToken = verifier.verify(idTokenString);
	}
	if (idToken != null) {
	GoogleIdToken.Payload payload = idToken.getPayload();

	// Print user identifier
	String userId = payload.getSubject();

	// Get profile information from payload
	String email = payload.getEmail();
	Boolean emailVerified = payload.getEmailVerified();
	String name = (String) payload.get("name");
	String pictureUrl = (String) payload.get("picture");
	String locale = (String) payload.get("locale");
	String familyName = (String) payload.get("family_name");
	String givenName = (String) payload.get("given_name");

	System.out.println("User ID: " + userId);
	System.out.println("Email: " + email);
	System.out.println("Email verified: " + emailVerified);
	System.out.println("Name: " + name);
	System.out.println("Picture URL: " + pictureUrl);
	System.out.println("Locale: " + locale);
	System.out.println("Family name: " + familyName);
	System.out.println("Given name: " + givenName);
	} else {
	System.out.println("Invalid ID token.");
	}
	}
	}