Problem renewing PlayGamesPlatform.Instance.GetIdToken()

I can successfully authenticate a player using:

Code (CSharp):

1. PlayGamesPlatform.Instance.Authenticate(SignInCallback, true);

and then obtain an IdToken using:

Code (CSharp):

1. _idToken = PlayGamesPlatform.Instance.GetIdToken();

The expiry on this token is about 40 minutes so when I pass it to my php backend to validate a request from the app as per https://developers.google.com/identity/sign-in/web/backend-auth

$payload = $client->verifyIdToken($request->idToken);
if ($payload) {
// idToken still valid
} else {
// idToken no longer valid
}

This check fails if the player has the game open for longer than 40 minutes as the expiry time (exp) of the ID token has passed.

Before sending the IdToken to my backend

Code (CSharp):

1. PlayGamesPlatform.Instance.IsAuthenticated();

always returns true, even after the token has expired.

If I try to authenticate the player again after the token has expired, it returns “Player already authenticated.”
I am clearly missing something but at present players can no longer interact with my backend services after 40 minutes. So my question is how do I obtain a new IdToken without signing the player out and then authenticating them again?

 

Did you find a solution to this problem? - I didn't but now use a workaround.

Some people are suggesting to send the authCode to one's backend server to retrieve an idToken via Google - but I'm not sure how this is possible without requesting extra permissions and bugging the user during initial sign in (why should I have to request access to email or profile information to get an idToken)?! - crazy

My current solution is to (client-side):

• on receipt of the token, calculate the expiry time locally (set the refresh method to occur in 45 mins)
  
• store the idToken and expiry as static/global vars so that they remain available from scene to scene
• at the 45 min mark (Google idTokens expire after an hour), log the user out and re-authenticate silently

The opening scene instantiates an authentication object - made persistent using DontDestroyOnLoad(this.gameObject);

This polls GPGS for the idToken which is then sent to my backend to verify and create custom JWTs in which the userID and intent (join/host/browse serverlist) are embedded. Once they've used the idToken to retrieve a custom JWT, they'll be using it to connect to a secure socket session (in the case of joining/hosting a game).

Every 5 seconds it checks to see if we hit the 45 minute mark after which the existing idToken is refreshed using the steps mentioned above.

Might seem messy but it works and has saved me time. That and NOBODY is suggesting anything different. :]

 

Hi Zante,
I didn't find a solution either and I created a work around similar to yours. Sorry I could be of more help.

 

Out of interest, what did you settle on?

The only way I can think to avoid any problems, besides the above (and adding .EnableHidePopups() in the PlayGamesClientConfiguration.Builder() ), is to issue your own refresh tokens.

 

Do you find it now? Can you guide me now regarding g this?
The Archers 2 Mod Apk

 

Did you guys found any better way of handling this?