Google token verification call deadlocked?

Question

I have a C# backend controller method that verify Google id token using the google auth. It works at first after deploying to my test server, but after awhile, it runs into a deadlock situation (I believe). There's no error, it just hangs at VerifyGoogleToken.

using Google.Apis.Auth;
using Google.Apis.Auth.OAuth2;

    [HttpPost]
    public async Task<string> VerifyGoogleToken(string Token)
    {
        var verifyUser = Task.Run(() => VerifyToken(Token).Result);
        await Task.WhenAll(verifyUser);
        string returnValue = verifyUser.Result.ToString();
        return returnValue;
    }

    private async Task<string> VerifyToken(string Token)
    {
        string ReturnValue = "InvalidToken";
        GoogleJsonWebSignature.Payload payload = await GoogleJsonWebSignature.ValidateAsync(Token);
        if (payload.HostedDomain == "mydomain.com" && payload.EmailVerified == true && payload.Audience.ToString() == ClientID && (payload.Issuer == "accounts.google.com" || payload.Issuer == "https://accounts.google.com"))
        {
            ReturnValue = "ValidToken";
        }
        return ReturnValue;
    }

I also tried just this:

[HttpPost]
public async Task<string> VerifyGoogleToken(string Token)
{
    string returnValue = await VerifyToken(Token)
    return returnValue;
}

private async Task<string> VerifyToken(string Token)
{
    string ReturnValue = "InvalidToken";
    GoogleJsonWebSignature.Payload payload = await GoogleJsonWebSignature.ValidateAsync(Token);
    if (payload.HostedDomain == "mydomain.com" && payload.EmailVerified == true && payload.Audience.ToString() == ClientID && (payload.Issuer == "accounts.google.com" || payload.Issuer == "https://accounts.google.com"))
    {
        ReturnValue = "ValidToken";
    }
    return ReturnValue;
}

Also this:

[HttpPost]
public string VerifyGoogleToken(string Token)
{
    string returnValue = VerifyToken(Token);
    return returnValue;
}

private async Task<string> VerifyToken(string Token)
{
    string ReturnValue = "InvalidToken";
    GoogleJsonWebSignature.Payload payload = await GoogleJsonWebSignature.ValidateAsync(Token);
    if (payload.HostedDomain == "mydomain.com" && payload.EmailVerified == true && payload.Audience.ToString() == ClientID && (payload.Issuer == "accounts.google.com" || payload.Issuer == "https://accounts.google.com"))
    {
        ReturnValue = "ValidToken";
    }
    return ReturnValue;
}

Nothing worked so far.

Any help is appreciated.

Answer 1

I believe there's a limit on how many times you can call the validation, but I don't exactly know the limit. My code used to call validation every 30 seconds to do things like getting the user's ID/email etc.. This setup stopped working after a few hours. Since I rewrote the code to call the validation only a few times per connection, the validation have since been working properly.