ramosbugs / openidconnect-rs

OpenID Connect Library for Rust

Is there a way to access JWT token returned from Google

GraphicalDot opened this issue · comments

We are trying to run some ZK proofs from the JWT token returned from Google after successful completion.

```rust
pub async fn oauth_return(
    Query(mut params): Query<HashMap<String, String>>,
    State(db_pool): State<SqlitePool>,
    Host(hostname): Host,
) -> Result<impl IntoResponse, AppError> {
    let state = CsrfToken::new(params.remove("state").ok_or("OAuth: without state")?);
    let code = AuthorizationCode::new(params.remove("code").ok_or("OAuth: without code")?);

    println!("State: {}", state.secret());
    let query: (String, String, String) = sqlx::query_as(
        r#"DELETE FROM oauth2_state_storage WHERE csrf_state = ? RETURNING pkce_code_verifier,return_url,nonce"#,
    )
    .bind(state.secret())
    .fetch_one(&db_pool)
    .await?;

    let pkce_code = query.0;
    let return_url = query.1;
    let nonce = Nonce::new(query.2);
    let pkce_code_verifier = PkceCodeVerifier::new(pkce_code);

    // Exchange the code with a token.
    let client = get_client_open_id_connect(hostname)?;

    // Now you can exchange it for an access token and ID token.
    let token_response = client
        .exchange_code(code)
        // Set the PKCE code verifier.
        .set_pkce_verifier(pkce_code_verifier)
        .request(http_client)
        .unwrap_or_else(|err| {
            handle_error(&err, "Failed to contact token endpoint");
            unreachable!();
        });

    println!(
        "Google returned access token:\n{}\n",
        token_response.access_token().secret()
    );
```

Is there a way we can access the JWT token?

The Google example included in this crate shows how to access the ID token:

```rust
let id_token_verifier: CoreIdTokenVerifier = client.id_token_verifier();
let id_token_claims: &CoreIdTokenClaims = token_response
    .extra_fields()
    .id_token()
    .expect("Server did not return an ID token")
    .claims(&id_token_verifier, &nonce)
    .unwrap_or_else(|err| {
        handle_error(&err, "Failed to verify ID token");
        unreachable!();
    });
println!("Google returned ID token: {:?}", id_token_claims);
```

If you need the raw JWT, just call `.to_string()` on it.
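
What the raw string from `.to_string()` contains, as an added example (not code from this issue or from openidconnect-rs): it splits the compact JWS and exposes the `header.payload` bytes the signature covers, which is the input any check or proof over the signature has to consume. `RAW` is a constructed sample with a dummy signature and the helper names are hypothetical; the code only decodes, so `claims(&id_token_verifier, &nonce)` remains the step that validates the token.

```rust
// Added example, std only. RAW is a constructed sample with a dummy signature;
// JwsParts and both functions are hypothetical names, not openidconnect APIs.
const RAW: &str = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxIn0.AQID";
/// Decode unpadded base64url (RFC 4648 section 5), the encoding JWS uses.
fn b64url_decode(s: &str) -> Result<Vec<u8>, String> {
    let (mut out, mut acc, mut bits) = (Vec::new(), 0u32, 0u32);
    for c in s.bytes() {
        let v = match c {
            b'A'..=b'Z' => c - b'A',
            b'a'..=b'z' => c - b'a' + 26,
            b'0'..=b'9' => c - b'0' + 52,
            b'-' => 62,
            b'_' => 63,
            _ => return Err(format!("invalid base64url byte 0x{:02x}", c)),
        };
        acc = (acc << 6) | u32::from(v);
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8); // `as u8` keeps the low 8 bits
        }
    }
    Ok(out)
}

struct JwsParts<'a> {
    signing_input: &'a str, // "header.payload": the exact bytes the signature covers
    header_json: String,
    payload_json: String,
    signature: Vec<u8>,
}

/// Splits and decodes only; it verifies nothing.
fn split_compact_jws(raw: &str) -> Result<JwsParts<'_>, String> {
    let segs: Vec<&str> = raw.split('.').collect();
    if segs.len() != 3 { return Err(format!("expected 3 segments, got {}", segs.len())); }
    let utf8 = |b: Vec<u8>| String::from_utf8(b).map_err(|e| e.to_string());
    Ok(JwsParts {
        signing_input: &raw[..segs[0].len() + 1 + segs[1].len()],
        header_json: utf8(b64url_decode(segs[0])?)?,
        payload_json: utf8(b64url_decode(segs[1])?)?,
        signature: b64url_decode(segs[2])?,
    })
}

fn main() {
    let p = split_compact_jws(RAW).expect("malformed JWS");
    println!("{} {} sig={}B\nsigned: {}", p.header_json, p.payload_json, p.signature.len(), p.signing_input);
}
```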