Getting an error "idtoken: invalid token, token must have three segments; found 2"

Archana1 · December 18, 2020, 7:20am

I am validating the idToken issued by Google, using this package “https://github.com/googleapis/google-api-go-client/blob/master/idtoken/validate.go#L27-L28”. But I am getting the error " invalid token, token must have three segments; found 2 ". IdToken is in the right format. Please guide.

skillian · December 18, 2020, 10:54am

I don’t know anything about idtokens, but the code that produces that error looks to be here:

segments := strings.Split(idToken, ".")
	if len(segments) != 3 {
		return nil, fmt.Errorf("idtoken: invalid token, token must have three segments; found %d", len(segments))
	}

Does the token have 2 “.” characters in it? Can you post a sample token with some or all of the alphanumeric characters obfuscated?

Archana1 · December 18, 2020, 11:27am

Token is in the right format. I have tested by hard-coding it in my code. Like I kept the token in one singe line. It is working fine. The moment the token takes the next line it is giving the error.
Technically I am using Goa web framework and testing from postman.
content-type: application/json

To explain it better i have taken the sample token from jwt.io
case 1:
If the token is going to next line like in the below format, it is throwing error
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

case2:
If the token is in one single line, it is working fine.
Note here I have removed some token for understanding purpose, but in original the complete token stands in one line
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3OD.kwIiwibmFtZSI6Ik

I am thinking to use “minify” function. May be this should be work around. Please help me if you find a better solution.

skillian · December 18, 2020, 12:15pm

I’m unable to reproduce this because I’m getting a build error. Here’s the main.go that I wrote to try this out:

package main

import (
	"context"
	"fmt"

	"github.com/googleapis/google-api-go-client/idtoken"
)

func main() {
	_, err := idtoken.Validate(context.Background(), "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", "")
	fmt.Println("err:", err)
}

But when I try to run it, I get this error:

package command-line-arguments
        imports github.com/googleapis/google-api-go-client/idtoken
        ..\..\github.com\googleapis\google-api-go-client\idtoken\compute.go:15:2: use of internal package google.golang.org/api/internal not allowed

Is there some other way you validate this jwt?

Archana1 · December 18, 2020, 12:23pm

We need to use this package in import “google.golang.org/api/idtoken”

and
payload, err := idtoken.Validate(ctx, idToken, aud)

idToken and aud(i.e app clientId), need to pass to the above function.

system · March 18, 2021, 12:29pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.