From 9af778fc2d1ffac142628da4f9e2fd027dbfec7c Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Tue, 19 Apr 2022 20:43:21 +0300 Subject: Google sign in: validate client id --- src/main/java/com/juick/www/api/ApiSocialLogin.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/main/java/com/juick') diff --git a/src/main/java/com/juick/www/api/ApiSocialLogin.java b/src/main/java/com/juick/www/api/ApiSocialLogin.java index 5e17d2b77..02f16676f 100644 --- a/src/main/java/com/juick/www/api/ApiSocialLogin.java +++ b/src/main/java/com/juick/www/api/ApiSocialLogin.java @@ -230,7 +230,7 @@ public class ApiSocialLogin { throws GeneralSecurityException, IOException { logger.info("Token: {}", idTokenString); logger.info("Client: {}", googleClientId); - Optional verifiedEmail = GoogleTokenVerifier.validateToken(idTokenString); + Optional verifiedEmail = GoogleTokenVerifier.validateToken(googleClientId, idTokenString); if (verifiedEmail.isPresent()) { String email = verifiedEmail.get(); com.juick.model.User visitor = userService.getUserByEmail(email); -- cgit v1.2.3