How to authenticate a Rails API with Google JWTs

Question

On the frontend, using React and the Google Login Button, the user logs in to my application. Google returns the user's JWT to a callback URL on the frontend, encoded. I then deliver this JWT on each request to a Rails API and want the rails API to decode and verify this JWT, and if it is verified successfully, return the data that API endpoint is supposed to give.

I am currently using this code:

def google_public_key
  x509 = OpenSSL::X509::Certificate.new ENV["GOOGLE_CERT"]
  x509.public_key
end

The env var is described like this: https://gist.github.com/Connorelsea/c6b91a4b4b6889294fd4e2fcacb06564

I am getting this error: OpenSSL::X509::CertificateError (nested asn1 error)

If I do not verify, I can read the content of the JWT. From the JWT website it can be decoded, but not verified, as well.

did you search for the error, i.e. http://stackoverflow.com/questions/24263835/getting-opensslx509certificateerror-nested-asn1-error-on-ruby — max pleaner, Oct 21 '16 at 20:21
Yes. People expressed formatting concerns and we tried their fixes. None worked. — Connorelsea, Oct 21 '16 at 20:22
I am getting the JWT from google. Using the google login button. So I am not doing any of the JWT making myself. — Connorelsea, Oct 21 '16 at 20:25

score 0 · Answer 1 · answered Jan 25 '17 at 16:22

0

Had the same problem and solved by setting the public_key as Pkey object not as a string in the constructor, try:

def google_public_key
  x509 = OpenSSL::X509::Certificate.new 
  x509.public_key = OpenSSL::PKey::RSA.new ENV["GOOGLE_CERT"]
end

answered Jan 25 '17 at 16:22

Bmxer

397
1
3
9

How to authenticate a Rails API with Google JWTs

1 Answers1