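/// <summary>
/// Signs a user in with a Google ID token and returns an application JWT.
/// </summary>
/// <remarks>
/// The token is validated with <c>ValidateAsync</c> against this application's
/// OAuth client id. The local account is then matched on the e-mail claim, and
/// is created through <c>UserApplication.CreateExternalUser</c> when none exists.
/// Because the e-mail claim is the only link between the Google identity and the
/// local account, an unverified address is rejected.
/// </remarks>
/// <param name="userDto">Request body carrying the Google ID token in <c>IdToken</c>.</param>
/// <returns>
/// 200 with the token from <c>JwtService.CreateToken</c>; 400 when the payload has no
/// usable, verified e-mail; 401 when the ID token is rejected or the account is inactive.
/// </returns>
public async Task<ActionResult<TokenDto>> GoogleLogin([FromBody] GoogleExternalLoginDto userDto)
{
    Payload payload;

    // Only token validation sits inside the try block, so that a failure in the
    // user store or in token issuing is not reported to the client (and to whoever
    // reads the logs) as "invalid token".
    try
    {
        // It is important to add your ClientId as an audience in order to make sure
        // that the token is for your application!
        // NOTE(review): the client id is hard-coded; consider reading it from
        // configuration so each environment can use its own OAuth client.
        var validationSettings = new ValidationSettings
        {
            Audience = new[] { "1055013042266-bgqj135lt6tq6vfinq1qev5ao7h1tkae.apps.googleusercontent.com" }
        };

        payload = await ValidateAsync(userDto.IdToken, validationSettings);
    }
    catch
    {
        // Invalid token. A null request body also ends up here, because
        // userDto.IdToken is dereferenced inside the try block.
        return Unauthorized(new ErrorMessage((int)HttpStatusCode.Unauthorized, "O token de acesso é inválido."));
    }

    // The account lookup below trusts the e-mail claim, so it must be present and
    // Google must have verified that the signed-in user controls the address.
    if (payload == null || string.IsNullOrWhiteSpace(payload.Email) || !payload.EmailVerified)
    {
        return BadRequest(new ErrorMessage((int)HttpStatusCode.BadRequest, "As informações do usuário ou email são inválidas."));
    }

    // Case-insensitive match on the login.
    // NOTE(review): the ToLower() form is left as written; the predicate is presumably
    // translated by the data layer, which may not support StringComparison overloads.
    var user = await UserApplication.GetUser(u => (u.Login.ToLower().Equals(payload.Email.ToLower())));

    if (user == null)
    {
        // First sign-in with this address: create the account, then load it again by id.
        var createdUser = await UserApplication.CreateExternalUser(payload.Email);
        user = await UserApplication.GetUser(u => (u.Id.Equals(createdUser.Id)));
    }
    else if (!user.IsActive)
    {
        return Unauthorized(new ErrorMessage((int)HttpStatusCode.Unauthorized, "O usuário está inativo. Por favor contate o administrador do sistema."));
    }

    var token = JwtService.CreateToken(user);
    return Ok(token);
}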