我已经实施了后端,它从Android或iOS设备接收Google登录令牌并尝试验证它。几个月前代码已经正常运行,它没有改变,但最近它开始拒绝所有令牌无效。当我尝试在发布时间大约10秒后再次使用先前失败的令牌重复验证时,它开始工作并返回用户信息。为什么会这样?
try {
GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(new NetHttpTransport(), new JacksonFactory()).setIssuer(ISSUER).build();
GoogleIdToken idToken = verifier.verify(token);
if (idToken != null) {
Payload payload = idToken.getPayload();
ExternalUserInfo externalUserInfo = new ExternalUserInfo();
externalUserInfo.setId((String) payload.getSubject());
externalUserInfo.setName((String) payload.get("given_name"));
externalUserInfo.setFamilyName((String) payload.get("family_name"));
externalUserInfo.setEmail(payload.getEmail());
externalUserInfo.setLocale((String) payload.get("locale"));
externalUserInfo.setSystemId(AuthorizationMapper.TYPE_GOOGLE);
return externalUserInfo;
} else {
logger.debug("Invalid Google Sign in token " + token);
}
} catch (Exception e) {
logger.error("Error while getting Google Sign in user info for token " + token, e);
}