Trying to figure out how to use Google's play-integrity api to verify nonces. I've hit this roadblock and am unsure what other things I could try to debug and get more information out of this API. Below is a series of steps I've taken to get to the point I'm currently at.
What I've done:
Created a service account within the Google Cloud project with the grants:
Where I'm at now:
Code snippet:
response = service.v1().decodeIntegrityToken(
packageName='com.myapp.package',
body={
'integrityToken':'superLongString'
}
).execute()
raise HttpError(resp, content, uri=self.uri)
googleapiclient.errors.HttpError: <HttpError 400 when requesting
https://playintegrity.googleapis.com/v1/com.myapp.package:decodeIntegrityToken?alt=json
returned "Integrity token cannot be decoded due to invalid arguments.".
Details: "Integrity token cannot be decoded due to invalid arguments.">
What I'm trying to do:
I'm trying to better understand how to call decodeIntegrityToken with the right parameters or configurations to retrieve a 200. It is not immediately clear to me which of it is is and what the next steps to debug are.
Resources used:
If you are receiving an INTEGRITY_INVALID_ARGUMENT
check one of the following:
integrity_token
, which is retrieved by google upon sending over a nonce. Note that this integrity_token
needs to be correct or else it will still send the same error message above.