Profile info isn't returned like the docs specify

[mwildehahn]

The docs specify that the /tokeninfo endpoint will return the following if you have the "profile" scope specified:

https://developers.google.com/identity/sign-in/web/backend-auth

{
 // These six fields are included in all Google ID Tokens.
 "iss": "https://accounts.google.com",
 "sub": "110169484474386276334",
 "azp": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
 "aud": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
 "iat": "1433978353",
 "exp": "1433981953",

 // These seven fields are only included when the user has granted the "profile" and
 // "email" OAuth scopes to the application.
 "email": "testuser@gmail.com",
 "email_verified": "true",
 "name" : "Test User",
 "picture": "https://lh4.googleusercontent.com/-kYgzyAWpZzJ/ABCDEFGHI/AAAJKLMNOP/tIXL9Ir44LE/s99-c/photo.jpg",
 "given_name": "Test",
 "family_name": "User",
 "locale": "en"
}

i've never been able to receive anything but email and email_verified from that endpoint, even when requesting the profile scope.

digging through this code I found this endpoint: https://github.com/google/oauth2client/blob/f9e16edc459654f88c7a1be04cf6fb381016c9b5/scripts/run_system_tests.py#L34 which I can use to get the profile info.

Is there a bug in the code or the documentation?

[dhermes]

@anthmgoogle any ideas?

[JlUgia]

To shed more light on the topic, the endpoint https://www.googleapis.com/oauth2/v3/tokeninfo returns the same response as the method verify_id_token in client.py#1650 (although this method does not seem to perform any request to Google Auth servers).

The only way to return profile info seems to be calling tokeninfo passing an access_token instead of an id_token in the query string. For example, from the response after calling https://www.googleapis.com/oauth2/v3/token.
It'd be great to get some clarity on this issue, and get the docs updated accordingly.

[dhermes]

@jay0lee could this be related to #368 (like #453)?

[jay0lee]

I don't think this is related. For a token that has both the email and profile scopes neither the v2 or v3 endpoints seem to include profile fields.

[dhermes]

Thanks for the quick reply!

[JlUgia]

While this one gets addressed, note that you can fetch information about the user through the userinfo endpoint of oauth2 -> v3:
https://www.googleapis.com/oauth2/v3/userinfo?access_token=[access-token]

[rikikonikoff]

Has there been any resolution to this issue? I am having the same problem, where I request profile in the scopes but do not get image or name encoded in the id_token

[theacodes]

Thank you for creating this issue, however, this project is deprecatedand we will only be addressing critical security issues. You can read moreabout this deprecation here.

If you need support or help using this library, we recommend that you ask yourquestion on StackOverflow.

If you still think this issue is relevant and should be addressed, pleasecomment and let us know!