Issue with ID Token Verification in Go: "audience provided does not match aud claim in the JWT"

I'm trying to verify an ID token sent from an Android device using Go and the Google Authentication library. The token is validated using the idtoken.Validate() function with a web client ID (g.clientID). However, when I attempt the verification on my VPS server, I get the following error:

{
    "error": "internal server error: failed to verify token: idtoken: audience provided does not match aud claim in the JWT"
}

After inspecting the JWT, I can confirm that the aud claim in the token matches the web client ID (g.clientID) used on the server.

Here’s the relevant code snippet:

func (g *GoogleAuth) VerifyIDToken(idTokenStr string) (*account.GoogleResponse, error) {
    payload, err := idtoken.Validate(context.Background(), idTokenStr, g.clientID)
    if err != nil {
        return nil, fmt.Errorf("failed to verify token: %v", err)
    }
    return &account.GoogleResponse{
        Id:        payload.Claims["sub"].(string),
        Email:     payload.Claims["email"].(string),
        FirstName: payload.Claims["given_name"].(string),
        LastName:  payload.Claims["family_name"].(string),
    }, nil
}

Despite the aud claim in the token matching the g.clientID used for validation, the verification fails. Could anyone point out what might be causing this mismatch? Any advice or potential solutions would be appreciated.

科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

Issue with ID Token Verification in Go: "audience provided does not match aud claim in the JWT" - Stack Overfl

与本文相关的文章

评论列表(0)