Home > front end >  Google Auth Token for Service account is incorrect
Google Auth Token for Service account is incorrect

Time:11-15

I have created a service account with Domain Wide Delegation

const jwt = require("jsonwebtoken");
const sa = require("./credentials-ads.json");

const authUrl = "https://www.googleapis.com/oauth2/v4/token";
const scope = "https://www.googleapis.com/auth/adwords";

const getSignedJwt = () => {
  const token = {
    iss: sa.client_email,
    iat: parseInt(Date.now() / 1000),
    exp: parseInt(Date.now() / 1000)   60 * 60, // 60 minutes
    aud: authUrl,
    scope,
  };

  return jwt.sign(token, sa.private_key, { algorithm: "RS256" });
};

  const signedJwt = getSignedJwt();

  console.log(signedJwt);

  const google_token = await axios.post(
    'https://oauth2.googleapis.com/token',
    'grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=' signedJwt,
    {
        headers: {
            'Content-Type': 'application/x-www-form-urlencoded'
        }
    }
);
  res.send(google_token.data);
})

the above giving the access_token as response but it is returned as follows:

{"access_token":"abcdefghijklmnopqurstuvwxyz1234567890qwertyuiopasdfghjklzxcvbnmfasdfasdfasdf........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................","expires_in":3599,"token_type":"Bearer"}

this access token is not usable for any API call

I am trying this using HTTP/HTTPS requests in Nodejs

Was expecting to receive a usable access token, but receiving an incorrect token with .............

CodePudding user response:

For domain wide delegation you must supply the subject to delegate as. The value of this is the email address of the user on your domain which you want the service account to impersonate.

you are probably missing sub filed.

CodePudding user response:

The multiple dots appended to the access token do not invalidate it for Google APIs and services. Google is testing larger token sizes. Ignore the fact the dots are there as the dots are padding. This allows Google to detect applications that truncate the token size.

For more information:

OAuth 2.0 Access Token Size for Google Cloud Platform Customers

Page link:https//www.codepudding.com/frontend/610127.html

Prev:Retry getting a file after waiting a set timeframe in Node
Next:Getting Error 503 when sending request via heroku or any host not local
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding