Browser/crypto base64 decoding strictly required padding

[Quutti]

Environment details

• OS: Windows 10
• Node.js version: 8.11.1
• npm version: 5.6
• google-auth-library version: 4.0.0

Description

Browser implementation of crypto uses npm package base64-js to decode base64 strings. Base64-js package strictly requires padding on base64 strings, so when the base64 string is passed to the function the user is represented with an error "Can't parse token envelope".

For an example OAuth2Client.verifyIdToken (internally calls verifySignedJwtWithCertsAsync) -method uses crypto to decode base64 strings. In this case when id_token is passed, the client implementation might raise an error for user if id_token segment 0 or 1 is non-modular with 4.

NodeJS implementation of crypto uses Buffers which is not strict with padding, so NodeJS implementation is working correctly.

There is an issue on base64-js Github repository issue tracker (beatgammit/base64-js#45), but the issue is quite old. It might be better for you guys to create a simple ADHoC fix for this (I can provide a PR) or change the base64 decoding library.

[JustinBeckwith]

Thanks for the heads up! PRs are always welcomed :)

[alexander-fenster]

Oh. I did the padding here

google-auth-library-nodejs/src/crypto/browser/crypto.ts

Lines 80 to 83 in 6a1efe0

	// base64js requires padding, so let's add some '='
	while (signature.length % 4 !== 0) {
	signature += '=';
	}

but I obviously missed some other places. Fixing that now. Thanks @Quutti!