google-oauth 1.2.0

Google oauth server-side client
Documentation

Google-Oauth

Description

Google-Oauth is a server-side verification library for Google oauth2.

Google-Oauth can help you to verify id_token which is generated from Google.

This lib provides blocking and async API for your convince. If you are using async, note that Google-Oauth doesn't provide any async runtime (like tokio or async-std).

Simple Usage

Suppose you've got an id_token from Google. id_token is a JWT which looks like eyJhbGciOiJSUzI1NiIsImtpZCI6Ijg2OTY5YWVjMzdhNzc4MGYxODgwNz....

And you need to know your client_id which you generated in Google Admin Console. The client_id looks like xxxxx.apps.googleusercontent.com.

Now, add this in your Cargo.toml:

[dependencies]
google-oauth = "1"

Then,


use google_oauth::Client;

fn main() {
    let id_token = "eyJhbGciOiJSUzI1NiIsImtpZCI6Ijg2OTY5YWVjMzdhNzc4MGYxODgwNz..."; // this is the token we are going to verify
    let client_id = "xxxxx.apps.googleusercontent.com";
    
    let client = Client::new(client_id);
    
    let data = client.validate_id_token(id_token);
    
    match &data {
        Ok(data) => println!("ok: {:?}", data),
        Err(e) => println!("{:?}", e),
    };
    
    // now we got the data
    // usually we use the `sub` as a unique id for the user
    
    println!("user with sub: {} login!", data.unwrap().sub);
}

AsyncClient

You can use AsyncClient with an async runtime.

use google_oauth::AsyncClient;

#[tokio::main]
// or #[async_std::main]
// or #[actix_web::main]
async fn main() {
    let id_token = "eyJhbGciOiJSUzI1NiIsImtpZCI6Ijg2OTY5YWVjMzdhNzc4MGYxODgwNz..."; // this is the token we are going to verify
    let client_id = "xxxxx.apps.googleusercontent.com";
    
    let client = AsyncClient::new(client_id);
    
    let data = client.validate_id_token(id_token).await;
    match &data {
        Ok(data) => println!("ok: {:?}", data),
        Err(e) => println!("{:?}", e),
    };
    
    // now we got the data
    // usually we use the `sub` as a unique id for the user
    
    println!("user with sub: {} login!", data.unwrap().sub);
}

Algorithm Support

Currently, this lib only supports RS256.

It seems that Google may use ES256 as the hash algorithm, but I couldn't find any website example, so I left it unimplemented and return an Err() when validating.

If you do need ES256, just let me know through creating a new Gihub Issue.

  • RS256
  • ES256