Trying to figure out how to use Google's play-integrity api to verify nonces. I've hit this roadblock and am unsure what other things I could try to debug and get more information out of this API. Below is a series of steps I've taken to get to the point I'm currently at.
What I've done:
Created a service account within the Google Cloud project with the grants:
- Service Account User and Service Usage Consumer
- Setup Google Auth Default Credentials
- Set environment variable:GOOGLE_APPLICATION_CREDENTIALS by pulling down imported json from service account.
Where I'm at now:
- Used google-api-client to build and call playintegrity, resulting in the response:
Code snippet:
response = service.v1().decodeIntegrityToken(
packageName='com.myapp.package',
body={
'integrityToken':'superLongString'
}
).execute()
raise HttpError(resp, content, uri=self.uri)
googleapiclient.errors.HttpError: <HttpError 400 when requesting
https://playintegrity.googleapis.com/v1/com.myapp.package:decodeIntegrityToken?alt=json
returned "Integrity token cannot be decoded due to invalid arguments.".
Details: "Integrity token cannot be decoded due to invalid arguments.">
What I'm trying to do:
I'm trying to better understand how to call decodeIntegrityToken with the right parameters or configurations to retrieve a 200. It is not immediately clear to me which of it is is and what the next steps to debug are.
Resources used: