Did anyone manage to get the id token from google sign in (Flutter)

Question

I am trying to connect my users with my back end server , i used the example from the official google sign in plugin for flutter : https://pub.dartlang.org/packages/google_sign_in

the sign process goes fine and i get the username and email ect.. but i need the id Token to authenticate the user with my server.

Ps: Not using firebase , only google sign in.

Can anyone guide me how to get the id Token ?

score 51 · Accepted Answer · edited Jun 18 '23 at 23:45

51

You can try using this code:

_googleSignIn.signIn().then((result){
    result?.authentication.then((googleKey){
        print(googleKey.accessToken);
        print(googleKey.idToken);
        print(_googleSignIn.currentUser?.displayName);
    }).catchError((err){
        print('inner error');
    });
}).catchError((err){
    print('error occured');
});

edited Jun 18 '23 at 23:45

user16217248

3,119
19
19
37

answered Sep 22 '18 at 18:05

nonybrighto

8,752
5
41
55

Thank you i will try it and let you know :) – kageeker Sep 23 '18 at 16:49
Works perfect , Thank you very much :) – kageeker Sep 23 '18 at 18:53
8

Odd, I just get `null` for `idToken` using this method – Matt R Nov 27 '19 at 18:26
1

@MattR I Once had the same issue. You can check out this github issue and see if it helps. https://github.com/flutter/flutter/issues/12140 – nonybrighto Nov 27 '19 at 20:25
is there a way to know user details based on idToken and also know if the session is valid,if the idToken is saved locally – Mahesh Jamdade Dec 04 '19 at 10:54
2

@maheshmnj You can check if the token is valid by using `https://www.googleapis.com/oauth2/v3/tokeninfo?=` – nonybrighto Dec 04 '19 at 11:19

RonManning · Answer 2 · 2022-06-27T18:22:59.493

The issue may be related to not using firebase. There is a google-services.json file which is given to you when you register your app in firebase, and you can use that with google_sign_in (this is the default way shown in the documentation).

I was getting null for the token value when trying to implement this without the google-services.json, but successfully signing into google.

If you don't want to use firebase, you have to jump through a couple hoops.

In google cloud console, register your app.
Then make sure you are 'in' your app that you just created in the top drop down menu.
in "apis and services" in the sidebar menu, go through the create Oauth consent screen menu, I don't remember having to fill out many fields, so leave them blank if you don't know what to put in.
then go to the "credentials" menu in the sidebar, and click "Create New Credentials", and select OAuth2 client ID. Make a web client, even though you're trying to use it with an android/ios app.
Make a file android/app/src/main/res/values/strings.xml
using the web client we just made, insert <?xml version="1.0" encoding="utf-8"?> <resources> <string name="default_web_client_id">YOUR WEB CLIENT ID</string> </resources> into the strings.xml file.
[edit] make one more client in the google console for android, and put in your local machine's sha1 key. This step is done for you automatically if you're using firebase. In this case, you have to create both the web client and one for your android device. In production, you'd be using a specific client for your production app.

That should do it I believe, might have missed a step.

I also wanted to verify on my backend that the incoming idtoken was valid, so I had to also make a service account (in the apis and services -> credentials page) and use that in my go server.

I'm still struggling to get this to work with ios, but the android side works great.

giveJob · Answer 3 · 2020-07-04T17:39:13.710

4

or try like this if id token was null, it worked for me.

As the docs point out you need oauth2 client id of your backend to request idToken or serverAuthCode.

from firebase google sigin in authentication copy the Web SDK configuration add paste in the following to res/values/strings.xml, That should work

<?xml version="1.0" encoding="utf-8"?>
<resources>
    <string name="default_web_client_id">{Web app Client id goes here}</string>
</resources>

edited Jul 04 '20 at 17:39

answered Jul 04 '20 at 17:29

giveJob

1,500
3
17
29

1

this works for me! I haven't add any firebase dependency in my project...it works! – Bharath Jul 15 '20 at 07:21
2

yes, no need of firebase dependency but you need to verify id token in your backend using some google libraries – giveJob Jul 15 '20 at 14:47
i don't have the strings.xml file should i create it? – Fethi Aug 16 '20 at 13:33
2

@fethi yes you need to create – giveJob Aug 16 '20 at 15:53
1

what about for ios? – Mohad Hadi Mar 02 '21 at 14:26
@MohammadHadi, sorry, I do not know, – giveJob Mar 03 '21 at 03:25
2

@giveJob I find it out. in GoogleService-info.plist of ios firebase file should add this tag: SERVER_CLIENT_ID MY_WEB_ID.apps.googleusercontent.com – Mohad Hadi Mar 03 '21 at 06:32
where is websdk configuration – Rasathurai Karan Oct 12 '21 at 06:44

score 4 · Answer 4 · answered Feb 15 '21 at 05:52

You can get access token and id token more simple like this:

final result = await _googleSignIn.signIn();
final ggAuth = await result.authentication;
print(ggAuth.idToken);
print(ggAuth.accessToken);

Or you also can add it to try-catch to handle an error.

try {
   final result = await _googleSignIn.signIn();
   final ggAuth = await result.authentication;
   print(ggAuth.idToken);
   print(ggAuth.accessToken);
} catch (error) {
  print(error);
}

score 3 · Answer 5 · edited Aug 28 '21 at 21:54

I was struggling with this issue for about a month. Turns out I was getting the same access token, even when the user tried restarting the app. This was painful because my app dealt with scopes and in case a user misses to check one or more scopes in his first sign in, the app wouldn't work at all, even if he/she signs in again and gives the permissions.

Workaround which worked for me: I called the googleSignIn.currentUser.clearAuthCache() method followed by googleSignIn.signInSilently(). This returns a GoogleSignInAccount which can be used for further authentication. My guess is that the clearAuthCache() method clears the token cache and hence a new token is created. This should get you a new access token and let your app make valid calls.

I sincerely request Google developers to solve this issue. For now, this workaround is the only thing that worked.

score 3 · Answer 6 · answered Apr 17 '22 at 07:50

3

One more clean way to achieve this:

late Map<String, dynamic> userObject = {};
var res = await _googleSignIn.signIn();
var googleKey = await res!.authentication;
userObject.addAll({
  'accessToken': googleKey.accessToken,
  'idToken': googleKey.idToken,
  'displayName': res.displayName ?? '',
  'email': res.email,
  'id': res.id,
  'avatarUrl': res.photoUrl ?? '',
  'serverAuthCode': res.serverAuthCode ?? '',
});

answered Apr 17 '22 at 07:50

Smit Patel

1,682
18
23

1

literally, a clean way if you want to map the user or the credentials in your model – Java Nerd May 17 '22 at 11:21

score 2 · Answer 7 · answered Dec 31 '20 at 15:22

To retrieve the Is idToken worked for me:

1. The google-services.json file must be placed in /android/app/

2. you need to add to your /android/app/build.gradle

apply plugin: 'com.google.gms.google-services'

3. and to /android/build.gradle

classpath 'com.google.gms:google-services:4.3.4'

And that's it. GoogleSignIn will return a real idToken instead of null.

font: https://github.com/flutter/flutter/issues/12140#issuecomment-348720774

score 0 · Answer 8 · edited Aug 31 '22 at 00:42

0

Try this:

When you create your GoogleSignIn object:

GoogleSignIn(
    clientId: "YOUR CLIENT ID"
  )

i hope it helps ;)

edited Aug 31 '22 at 00:42

n4321d

1,059
2
12
31

answered Aug 22 '22 at 03:58

Amine Achkar

1

Did anyone manage to get the id token from google sign in (Flutter)

8 Answers8

One more clean way to achieve this:

Linked