amazon-web-services aws-api-gateway aws-jwt-authorizer aws-http-api

AWS JWT authorizer not supporting Google issuer


  • The issuer in the tokens from Google is: "accounts.google.com"

  • But the jwt-authorizer config requires an issuer URL with "https://" in front

That means the Google tokens will never be accepted by the authorizer, since the token iss claim is missing: https

Has anyone solved this?


Solution

  • If you use one of the legacy OAuth flows to authorize your app, you may get a token with the issuer above. Make sure to use the OIDC config:

    https://accounts.google.com/.well-known/openid-configuration

    Then the issuer in the id-token should match the format required by AWS JWT-Authorizer (and specified in the OIDC spec).
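
As an added example (not part of the original answer, and not AWS code): a local pre-check that decodes a token's payload and compares iss, aud and exp against the authorizer settings, so the scheme mismatch described in the question is visible before a request reaches the gateway. The exact-string issuer comparison, the client id and both sample tokens are assumptions constructed for illustration; the signature is not verified here.

```python
import base64
import json
import time

def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def read_claims(token: str) -> dict:
    """Decode the payload for inspection only. The signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated segments")
    return json.loads(b64url_decode(parts[1]))

def authorizer_precheck(token, issuer, audiences, now=None):
    """Return the reasons the claims would fail issuer/audience/expiry checks."""
    now = time.time() if now is None else now
    claims = read_claims(token)
    problems = []
    iss = claims.get("iss")
    if iss != issuer:  # assumption: exact string comparison, scheme included
        problems.append(f"iss {iss!r} != configured issuer {issuer!r}")
    aud = claims.get("aud")
    aud_values = aud if isinstance(aud, list) else [aud]
    if not set(aud_values) & set(audiences):
        problems.append(f"aud {aud!r} not in configured audience {audiences!r}")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("token is expired or has no exp claim")
    return problems

def make_sample_token(claims: dict) -> str:
    # Constructed sample: real header/payload encoding, placeholder signature.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    header = enc({"alg": "RS256", "typ": "JWT"})
    return f"{header}.{enc(claims)}.c2lnbmF0dXJl"

ISSUER = "https://accounts.google.com"  # issuer value given to the authorizer
AUDIENCE = ["example-client-id.apps.googleusercontent.com"]  # constructed client id
NOW = 1_700_000_000  # fixed clock so the sample tokens are deterministic
legacy = make_sample_token({"iss": "accounts.google.com", "aud": AUDIENCE[0], "exp": NOW + 3600})
oidc = make_sample_token({"iss": "https://accounts.google.com", "aud": AUDIENCE[0], "exp": NOW + 3600})

if __name__ == "__main__":
    for name, tok in (("legacy", legacy), ("oidc", oidc)):
        print(name, authorizer_precheck(tok, ISSUER, AUDIENCE, now=NOW) or "claims look acceptable")
```
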