Authenticate Google token with Node.js backend server
If you use Google Sign-In with an app or site that communicates with a backend server, you might need to identify the currently signed-in user on the server. To do so securely, after a user successfully signs in, send the user’s ID token to your server using HTTPS. Then, on the server, verify the integrity of the ID token and use the user information contained in the token to establish a session or create a new account, if there is no account with that information. Google handles the work of creating the token and managing the token and sessions, which reduces what we have to manage ourselves.
Google Auth Library: this is Google’s officially supported Node.js client library for using OAuth 2.0 authorization and authentication with Google APIs.
This is the JS file, which contains the code that decodes the Google auth token. Normally the client sends the token to the server and the server reads it from the request; in this case there is no frontend or client side, so the token is hardcoded in the file. To decode the token you need the CLIENT_ID that was used to create it.
const { OAuth2Client } = require('google-auth-library');

// ID token as sent by the client (hardcoded here because there is no frontend)
let token = "eyJhbGciOiJSUzI1NiIsImtpZCI6ImNiNDA0MzgzODQ0YjQ2MzEyNzY5YmI5MjllY2VjNTdkMGFkOGUzYmIiLCJ0eXAiOiJKV1QifQ.....RrAD_qGzejLXog8PSZpCeeYREH1MV5cBBAFQC8yrprw7CpuKxjPJ2hAwLx9qHqVOY-mX2Ih8LfzVQKF2qUPqGJRHDJQmnfYaJoecHCJMYMG5aFQRBqcDq3HzTyWVue663LM_OBPQHTGuvqS8RjGz5ITNXpdwRSVYzbZdG3Jvm7ZJdVp64_lNXHAx-0JWl89enABHk8DCMmZdGkk_OgUqRqV0l0w447xiqArhDIkeHjzEuJfUfqngWGhA2OSKWY6eAshKlZbPDsdhZ3ElBwO0h1wNWc4TlmPe38SCa84GXoiU2O128yeGbJDVdBLO6YWzWu8NJCunGxaNP9Di-D375w";
// Client ID that was used to create the token
const CLIENT_ID = "607000044452-001g3g9obeecxxxxxxxxjvvj4c4vxxku.apps.googleusercontent.com";
const client = new OAuth2Client(CLIENT_ID);

async function verify() {
  try {
    // Verifies the token's signature and that it was issued for CLIENT_ID
    const ticket = await client.verifyIdToken({
      idToken: token,
      audience: CLIENT_ID, // Specify the CLIENT_ID of the app that accesses the backend
      // Or, if multiple clients access the backend:
      // [CLIENT_ID_1, CLIENT_ID_2, CLIENT_ID_3]
    });
    const payload = ticket.getPayload();
    const userid = payload['sub']; // the user's unique Google account ID
    console.log(payload);
  } catch (error) {
    // Verification failures (bad signature, wrong audience, expired token) end up here
    console.log(error);
  }
}

verify();
Output: I have printed the output here to verify what Google provides in this token. So basically Google provides these things.
With this information, you can sign up or sign in users in your system and store this information in your database. In this scenario, the user doesn’t have to remember multiple IDs and passwords for different applications.
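To show what "verify the integrity of the ID token" involves, the following added example (not part of the original post and not the library's own code) performs the same kinds of checks with Node's built-in crypto module: signature, audience, issuer and expiry. The key pair, the `demo-kid` key ID, the `AUD` client ID and the helper names are constructed for the demo; on a real server keep calling `verifyIdToken`, which checks tokens against Google's published keys.

```javascript
const crypto = require('crypto');

// Issuer values Google uses in ID tokens.
const ISSUERS = ['accounts.google.com', 'https://accounts.google.com'];
const b64url = (text) => Buffer.from(text).toString('base64url');
const decode = (seg) => JSON.parse(Buffer.from(seg, 'base64url').toString('utf8'));

// Hypothetical helper: verify an RS256 token against a Map of kid -> public key.
function verifyIdTokenLocally(idToken, keys, audience, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = idToken.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = decode(h);
  // Pin the algorithm; never let the token choose how it is verified.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const key = keys.get(header.kid);
  if (!key) throw new Error('unknown kid');
  const signed = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), key, Buffer.from(s, 'base64url'));
  if (!signed) throw new Error('bad signature');
  // Claims are trusted only after the signature has been checked.
  const payload = decode(p);
  if (payload.aud !== audience) throw new Error('wrong audience');
  if (!ISSUERS.includes(payload.iss)) throw new Error('wrong issuer');
  if (typeof payload.exp !== 'number' || payload.exp <= nowSec) throw new Error('token expired');
  return payload;
}

// Constructed demo material: a local key pair stands in for Google's signing key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const KEYS = new Map([['demo-kid', publicKey]]);
const AUD = 'demo-client-id.apps.googleusercontent.com';

function signDemoToken(claims) {
  const header = { alg: 'RS256', kid: 'demo-kid', typ: 'JWT' };
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${crypto.sign('RSA-SHA256', Buffer.from(input), privateKey).toString('base64url')}`;
}

// Returns 'ok:<sub>' for an accepted token, otherwise the rejection reason.
function outcome(token) {
  try {
    return 'ok:' + verifyIdTokenLocally(token, KEYS, AUD).sub;
  } catch (e) {
    return e.message;
  }
}

const demoClaims = { iss: ISSUERS[1], aud: AUD, sub: '1234567890', exp: Math.floor(Date.now() / 1000) + 3600 };
console.log(outcome(signDemoToken(demoClaims)), '|', outcome(signDemoToken({ ...demoClaims, aud: 'another-app' })));
```

A token signed for a different client ID is rejected even though its signature is valid, which is why the `audience` argument in the post's `verifyIdToken` call matters.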