patrickbussmann/oauth2-apple

Login with Apple from iOS to API

Opened this issue · 3 comments

Hello,

I need your lights, my users login from an iOS device, after using "sign in with Apple" I get a token so I send it to my API but when I try to use $client->fetchUserFromToken($accessToken); I get an empty user.

League\OAuth2\Client\Provider\AppleResourceOwner {#541
  #response: array:2 [
    "email" => null
    "isPrivateEmail" => null
  ]
  #resourceOwnerId: null
  -email: null
  -isPrivateEmail: null
}

Do you have a solution?

Thank you!

You get this information only at very first request. Not on second or third one.

Oh yes.. my bad, but how can I check if the token is valid ?

To complete my question, I use your SDK with "knpuniversity/oauth2-client-bundle", to check a validity of JWT received from an iOS device, I need to do it like this:

"https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/verifying_a_user" :

  • To verify the identity token, your app server must:
  • Verify the JWS E256 signature using the server’s public key
  • Verify the nonce for the authentication
  • Verify that the iss field contains https://appleid.apple.com
  • Verify that the aud field is the developer’s client_id
  • Verify that the time is earlier than the exp value of the token

Or you have a method already developed?