made changes to cfc_webapp.py to use client_id for oath

Author: jesca

CFC_WebApp/api/cfc_webapp.py

@@ -31,6 +31,7 @@
 ssl_cert = key_data["ssl_certificate"]
 private_key = key_data["private_key"]
 client_key = key_data["client_key"]
+client_id = key_data["client_id"]
 hack_client_key = key_data["ios_client_key"]
 
 BaseRequest.MEMFILE_MAX = 1024 * 1024 * 1024 # Allow the request size to be 1G
@@ -355,24 +356,21 @@ def after_request():
 def verifyUserToken(token):
   # attempt to validate token on the client-side
   try:
-    tokenFields = verify_id_token(id_token, client_key)
+    tokenFields = verify_id_token(id_token, client_id)
   except AppIdentityError:
     try:
       tokenFields = verify_id_token(id_token, hack_client_key)
     except AppIdentityError:
-      pass
+        # fall back to verifying using Google API
+        constructedURL = ("https://www.googleapis.com/oauth2/v1/tokeninfo?id_token=%s" % token)
+        r = requests.get(constructedURL)
+        tokenFields = json.loads(r.content)
 
-  if tokenFields:
-    return tokenFields['email']
-
-  # fall back to verifying using Google API
-  constructedURL = ("https://www.googleapis.com/oauth2/v1/tokeninfo?id_token=%s" % token)
-  r = requests.get(constructedURL)
-  tokenFields = json.loads(r.content)
   in_client_key = tokenFields['audience']
   if (in_client_key != client_key):
     if (in_client_key != hack_client_key):
       abort(401, "Invalid client key %s" % in_client_key)
+
   logging.debug("Found user email %s" % tokenFields['email'])
   return tokenFields['email']