If you just want to read the contents of the data returned by GoogleAuthUtil.getToken
then the process is very simple. The returned data is simply a JWT. So all you'd have to do is split the data by the .
character, and then base64 (url) decode each piece.
It gets slightly more complicated if you want you want to verify the message's authenticity. Simply use your favorite crypto library to do the verification. The 3rd component of the JWT is the signature of the data and the Google certs are publicly available; that's all you need to verify the message.