angular asp.net-web-api jwt access-token google-authentication

Get access_token from Web API, when you have token, idToken, etc, from Google


I used angular-6-social-login to sign in with Google on my website, as shown in the link. Now it returns the following data:

email:"xxxxx"
id:"xxxxxxx"
idToken:"xxxx.xxxxxxxxx.xxxxxx"
image:"https://lh5.googleusercontent.com/xxxx/photo.jpg"
name:"Abhishek Jaiswal"
provider:"google"
token:"ya29.GlztBZpLW2v1jld20GR0iHOjMiveYmDhnaDRjWmsmh8tH_DSVW4-lRnYIL4Eau2-ZKVXlFFK-alCk5-REBR22aKkeUUIats14KtXEGfHlZIw5iIlKP5LSuEAtmnG0w"

I decoded that idToken with a JSON Web Token decoder on the Web API and cross-examined the token (the accessToken provided by Google) against the "at_hash" value of the idToken. After that much validation, I check for prior registration of the user and register him inside an if block.

Note: I am doing these validations and registrations manually, so I am not using the methods provided by Web API Identity, like ExternalLogin, etc.

In the case of normal logins, I issue a POST request to http://localhost:57310/token with username, password, and grant_type, and that provides me an accessToken, so it is authorized.

But in this case, I am already on the API, so there is no need for any POST request, and I already have a token (from Google), but this one is not provided by the Web API, so it is not authorized.


Solution

  • For this use case, I recommend you use ng-gapi. It will permit you to log in with Google, retrieve credentials (a JWT with identity), and request an access_token to be used with Google API calls.

    Behind the scenes, it's a Google Sign-In API integration, so there is no need to worry about refreshing the access_token, for example, or about verifying the JWT signature.
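
The at_hash cross-check described in the question, as an added C# example (not the poster's code and not part of ng-gapi): OpenID Connect defines at_hash as the base64url encoding of the left-most half of the hash of the access token, with the hash chosen by the ID token's alg header. It assumes the ID token's signature, iss, aud and exp were already verified and that alg and at_hash come from that verified token; the class and method names are hypothetical and the sample values are constructed.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

public static class AtHashCheck   // hypothetical helper name
{
    // The hash family follows the "alg" header of the (already verified) ID token.
    static HashAlgorithm HashFor(string alg)
    {
        switch (alg)
        {
            case "RS256": case "ES256": case "PS256": return SHA256.Create();
            case "RS384": case "ES384": case "PS384": return SHA384.Create();
            case "RS512": case "ES512": case "PS512": return SHA512.Create();
            default: throw new NotSupportedException("Unsupported alg: " + alg);
        }
    }

    // at_hash = base64url(left half of hash(ASCII(access_token))), no padding.
    public static string Compute(string accessToken, string alg)
    {
        using (HashAlgorithm h = HashFor(alg))
        {
            byte[] digest = h.ComputeHash(Encoding.ASCII.GetBytes(accessToken));
            return Convert.ToBase64String(digest, 0, digest.Length / 2)
                .TrimEnd('=').Replace('+', '-').Replace('/', '_');
        }
    }

    // True only if the access token is the one the ID token was issued with.
    public static bool Verify(string accessToken, string atHashClaim, string alg)
    {
        if (string.IsNullOrEmpty(accessToken) || string.IsNullOrEmpty(atHashClaim)) return false;
        byte[] expected = Encoding.ASCII.GetBytes(Compute(accessToken, alg));
        byte[] actual = Encoding.ASCII.GetBytes(atHashClaim);
        int diff = expected.Length ^ actual.Length;          // length mismatch fails
        for (int i = 0; i < expected.Length; i++)            // compare without early exit
            diff |= expected[i] ^ actual[i % actual.Length];
        return diff == 0;
    }

    public static void Main()
    {
        // Constructed sample: "abc" stands in for the Google access token.
        const string token = "abc";
        const string claim = "ungWv48Bz-pBQUDeXa4iIw";      // left half of SHA-256("abc"), base64url
        Console.WriteLine("matching token accepted: " + Verify(token, claim, "RS256"));
        Console.WriteLine("swapped token accepted:  " + Verify(token + "x", claim, "RS256"));
    }
}
```

A passing check only binds the access token to the ID token; the caller's identity still rests on the ID token's own signature and claim validation.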