I can not verify the user token ID on the server side. Did on the guide from Google https://developers.google.com/identity/sign-in/web/backend-auth
In JS I get the id token and send it to the server
var googleUser = auth2.currentUser.get(),
id_token = googleUser.getAuthResponse().id_token;
var xhr = new XMLHttpRequest();
xhr.open('POST', 'http://api.site.loc//tokensignin');
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
xhr.onload = function() {
console.log('Signed in as: ' + xhr.responseText);
};
xhr.send('idtoken=' + id_token);
I accept on the server
$CLIENT_ID = '.apps.googleusercontent.com';
$id_token = $formData['idtoken'];
$client = new Google_Client(['client_id' => $CLIENT_ID]);
$payload = $client->verifyIdToken($id_token);
if ($payload) {
$userid = $payload['sub'];
// If request specified a G Suite domain:
//$domain = $payload['hd'];
} else {
// Invalid ID token
}
as a result I get this error, instead of confirming token
<b>Fatal error</b>: Uncaught exception 'LogicException' with message 'id_token must be passed in or set as part of setAccessToken' in \google-api-php-client\src\Google\Client.php:717
The error was due to the fact that $id_token was empty (null).
So if you have such a problem, check that the $id_token is correct
Thanks to John Hanley for the help