Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

google.api.auth , ValidateAsync , no valid signature

See original GitHub issue

hello ,

im using your .net client for my backend server for token validation. in a .net standard class lib.

i use > GoogleJsonWebSignature.ValidateAsync() this code internal gives me false back.

                    verifiedOk = googleCert.VerifyHash(hash, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

verifyhash runs the code in Microsoft.NETCore.App\2.2.2\System.Security.Cryptography.Algorithms, Version= hope this is correct ? if the assamly is wrong , that would explain why false my result is false.

the id token wich i get, comes directly from a unity google client.

i tested the token at there is the signitur false too. but they dont have the private key. i get all correct informations at from the token. its a RSA 256 key wich is supported.

this workflow runs well at last year okt.2018. now suddendly the validation fails 😦 with no changes by my side .

thanks for help.

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:38

github_iconTop GitHub Comments

jskeetcommented, Mar 19, 2019

.NET Core isn’t unsupported. Please just use the real NuGet package: Google.Apis.Auth. That supports netstandard1.3 and netstandard2.0. It’ll be much easier to help if we’re all looking at the same code. If you could provide a short but complete example demonstrating the problem, ideally as a console app, that would be even better.

jmeyerwormscommented, Jan 26, 2020

ah ok 😉 great

Read more comments on GitHub >

github_iconTop Results From Across the Web

Using Google API GoogleJsonWebSignature. ...
My challenge is that it seems async methods can only be called by other async methods all the way back up the call-stack....
Read more >
Class GoogleJsonWebSignature (1.60.0) | .NET client library
Validates a Google-issued Json Web Token (JWT). Will throw a InvalidJwtException if the passed value is not valid JWT signed by Google.
Read more >
Verify the Google ID token on your server side
Verify the ID token. To verify that the token is valid, ensure that the following criteria are satisfied: The ID token is properly...
Read more >
Setting up OAuth 2.0 - Google Cloud Platform Console Help
If the APIs & services page isn't already open, open the console left side menu and select APIs & services. On the left,...
Read more >
Google OAuth “invalid_grant” nightmare — and how to fix it
The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found