Verify Google Id Token: FormatException
I'm using google sign in on my client. Before authenticating the user I want to Verify the ID Token which I get from the client. On the server side. I'm trying to validate the ID Token (jwt) by using
Google.Apis.Auth nuget package. But I'm getting a format exception. Here is the code:
/// <summary>
/// Handler for verifying Google ID tokens.
/// </summary>
public class VerifyGoogleIdTokenHandler(IConfiguration configuration)
: IRequestHandler<VerifyGoogleIdTokenCommand, Result<GoogleJsonWebSignature.Payload>>
{
private readonly GoogleJsonWebSignature.ValidationSettings _settings = new()
{
Audience = new[]
{
configuration[ConfigurationKeys.GoogleWebClientId], configuration[ConfigurationKeys.GoogleAndroidClientId]
}
};
public async Task<Result<GoogleJsonWebSignature.Payload>> Handle(VerifyGoogleIdTokenCommand request,
CancellationToken cancellationToken)
{
try
{
var payload = await GoogleJsonWebSignature.ValidateAsync(request.IdToken, _settings);
if (payload == null)
throw new InvalidJwtException("Invalid ID token");
return Result<GoogleJsonWebSignature.Payload>.Success(payload);
}
catch (Exception ex)
{
return Result<GoogleJsonWebSignature.Payload>.Failure("Invalid ID token", new[] { ex.ToString() }, 400);
}
}
}
/// <summary>
/// Handler for verifying Google ID tokens.
/// </summary>
public class VerifyGoogleIdTokenHandler(IConfiguration configuration)
: IRequestHandler<VerifyGoogleIdTokenCommand, Result<GoogleJsonWebSignature.Payload>>
{
private readonly GoogleJsonWebSignature.ValidationSettings _settings = new()
{
Audience = new[]
{
configuration[ConfigurationKeys.GoogleWebClientId], configuration[ConfigurationKeys.GoogleAndroidClientId]
}
};
public async Task<Result<GoogleJsonWebSignature.Payload>> Handle(VerifyGoogleIdTokenCommand request,
CancellationToken cancellationToken)
{
try
{
var payload = await GoogleJsonWebSignature.ValidateAsync(request.IdToken, _settings);
if (payload == null)
throw new InvalidJwtException("Invalid ID token");
return Result<GoogleJsonWebSignature.Payload>.Success(payload);
}
catch (Exception ex)
{
return Result<GoogleJsonWebSignature.Payload>.Failure("Invalid ID token", new[] { ex.ToString() }, 400);
}
}
}
1 Reply
Here is the exception:
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
at System.Convert.FromBase64String(String s)
at Google.Apis.Auth.TokenEncodingHelpers.Base64UrlDecode(String base64Url)
at Google.Apis.Auth.SignedToken`2.FromSignedToken(String signedToken)
at Google.Apis.Auth.GoogleJsonWebSignature.ValidateInternalAsync(String jwt, ValidationSettings validationSettings)
at Quotifyr.Features.Authentication.CommandHandlers.VerifyGoogleIdTokenHandler.Handle(VerifyGoogleIdTokenCommand request, CancellationToken cancellationToken) in E:\Projects\quotifyr\quotifyr-server\src\Features\Authentication\CommandHandlers\VerifyGoogleIdTokenHandler.cs:line 27
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
at System.Convert.FromBase64String(String s)
at Google.Apis.Auth.TokenEncodingHelpers.Base64UrlDecode(String base64Url)
at Google.Apis.Auth.SignedToken`2.FromSignedToken(String signedToken)
at Google.Apis.Auth.GoogleJsonWebSignature.ValidateInternalAsync(String jwt, ValidationSettings validationSettings)
at Quotifyr.Features.Authentication.CommandHandlers.VerifyGoogleIdTokenHandler.Handle(VerifyGoogleIdTokenCommand request, CancellationToken cancellationToken) in E:\Projects\quotifyr\quotifyr-server\src\Features\Authentication\CommandHandlers\VerifyGoogleIdTokenHandler.cs:line 27