接入google play token 校验

2025-01-05 21:25:07 +08:00 · 2025-01-05 21:25:07 +08:00 · c51f80b2f3
commit c51f80b2f3
parent a99589283a
1 changed files with 76 additions and 0 deletions
--- a/library/src/social/google.rs
+++ b/library/src/social/google.rs
@ -45,6 +45,10 @@ pub struct GoogleJwtProfile {
    pub given_name: String,
    pub family_name: String,
    pub locale: String,
    #[serde(skip_serializing_if = "Option::is_none")]
    pub google_play_games_id: Option<String>,
    #[serde(skip_serializing_if = "Option::is_none")]
    pub google_play_games_profile: Option<String>,
 }
 impl GoogleJwtProfile {
@ -159,4 +163,76 @@ impl GoogleSocial {
        Ok(google_jwt_profile)
    }
    /// 验证 Google Play Games 的身份信息
    /// 参考: https://developers.google.com/games/services/android/signin
    pub async fn verify_play_games_token(&self, play_games_token: &str) -> SocialResult<GoogleJwtProfile> {
        // Google Play Games 的验证端点
        const GOOGLE_PLAY_GAMES_TOKEN_INFO_URL: &str = 
            "https://oauth2.googleapis.com/tokeninfo";
        let client = Client::new();
        let response = client
            .get(GOOGLE_PLAY_GAMES_TOKEN_INFO_URL)
            .query(&[("access_token", play_games_token)])
            .send()
            .await?;
        if !response.status().is_success() {
            return Err(Box::new(ResErr::social("验证 Google Play Games Token 失败")));
        }
        let token_info: Value = response.json().await?;
        // 验证 token 信息
        if let Some(error) = token_info.get("error") {
            return Err(Box::new(ResErr::social(format!(
                "Google Play Games Token 无效: {}",
                error
            ))));
        }
        // 验证 audience 是否匹配你的应用
        if let Some(aud) = token_info.get("aud") {
            // TODO: 验证 aud 是否匹配你的 Google Play Games 应用 ID
            tracing::debug!("Google Play Games aud: {}", aud);
        }
        // 构建用户资料
        let mut profile = GoogleJwtProfile::default();
        if let Some(sub) = token_info.get("sub").and_then(|v| v.as_str()) {
            profile.sub = sub.to_string();
        }
        if let Some(email) = token_info.get("email").and_then(|v| v.as_str()) {
            profile.email = email.to_string();
        }
        // 获取 Google Play Games 特定的信息
        let play_games_info = self.fetch_play_games_profile(play_games_token).await?;
        profile.google_play_games_id = play_games_info.get("playerId")
            .and_then(|v| v.as_str())
            .map(String::from);
        Ok(profile)
    }
    /// 获取 Google Play Games 用户资料
    async fn fetch_play_games_profile(&self, access_token: &str) -> SocialResult<Value> {
        const PLAY_GAMES_PROFILE_URL: &str = 
            "https://games.googleapis.com/games/v1/players/me";
        let client = Client::new();
        let response = client
            .get(PLAY_GAMES_PROFILE_URL)
            .header("Authorization", format!("Bearer {}", access_token))
            .send()
            .await?;
        if !response.status().is_success() {
            return Err(Box::new(ResErr::social("获取 Google Play Games 用户资料失败")));
        }
        let profile: Value = response.json().await?;
        Ok(profile)
    }
 }