Login with Apple from iOS to API
Opened this issue · 3 comments
joey-barbier commented
Hello,
I need your help: my users log in from an iOS device. After using "Sign in with Apple" I get a token, so I send it to my API, but when I try to use `$client->fetchUserFromToken($accessToken);`
I get an empty user.
```
League\OAuth2\Client\Provider\AppleResourceOwner {#541
  #response: array:2 [
    "email" => null
    "isPrivateEmail" => null
  ]
  #resourceOwnerId: null
  -email: null
  -isPrivateEmail: null
}
```
Do you have a solution?
Thank you!
patrickbussmann commented
You get this information only on the very first request, not on the second or third one.
joey-barbier commented
Oh yes, my bad. But how can I check if the token is valid?
joey-barbier commented
To complete my question: I use your SDK with "knpuniversity/oauth2-client-bundle". To check the validity of the JWT received from an iOS device, I need to do it like this:
- To verify the identity token, your app server must:
  - Verify the JWS E256 signature using the server’s public key
  - Verify the nonce for the authentication
  - Verify that the iss field contains https://appleid.apple.com
  - Verify that the aud field is the developer’s client_id
  - Verify that the time is earlier than the exp value of the token

Or do you have a method already developed?
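
The five checks listed in the last comment, written out as an added example that is not part of the thread and not code from the SDK discussed here. It assumes firebase/php-jwt v6 is installed through Composer; `verifyAppleIdentityToken` and its parameters are hypothetical names, and the caller is assumed to supply Apple's decoded public key set and the nonce the server issued for this sign-in.

```php
<?php
// Added example. Assumes: composer require firebase/php-jwt (v6).
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use Firebase\JWT\JWK;
use Firebase\JWT\JWT;

const APPLE_ISSUER = 'https://appleid.apple.com';

/**
 * Hypothetical helper: returns the verified claims or throws.
 *
 * @param string $idToken       identity token sent by the iOS app
 * @param array  $appleJwks     json_decode(..., true) of Apple's public key set,
 *                              fetched and cached by the caller
 * @param string $clientId      the developer's client_id
 * @param string $expectedNonce nonce the server issued for this sign-in
 */
function verifyAppleIdentityToken(string $idToken, array $appleJwks, string $clientId, string $expectedNonce): stdClass
{
    // 1. Signature: decode() picks the key matching the token's "kid" header,
    //    uses the algorithm declared in the key set, and throws on a mismatch.
    //    It also throws ExpiredException when "exp" is in the past.
    $claims = JWT::decode($idToken, JWK::parseKeySet($appleJwks));

    // 2. Nonce: constant-time comparison against the value this server issued.
    $nonce = $claims->nonce ?? null;
    if (!is_string($nonce) || !hash_equals($expectedNonce, $nonce)) {
        throw new UnexpectedValueException('nonce missing or does not match');
    }
    // 3. Issuer must be Apple.
    if (($claims->iss ?? null) !== APPLE_ISSUER) {
        throw new UnexpectedValueException('iss is not ' . APPLE_ISSUER);
    }
    // 4. Audience must be this app; "aud" may be a string or a list.
    if (!in_array($clientId, (array) ($claims->aud ?? []), true)) {
        throw new UnexpectedValueException('aud does not contain the client_id');
    }
    // 5. Expiry: decode() only checks "exp" when present, so require it here.
    if (!isset($claims->exp) || !is_numeric($claims->exp) || time() >= (int) $claims->exp) {
        throw new UnexpectedValueException('exp missing or already passed');
    }
    return $claims;
}
```

Any exception means the token must be rejected; only the returned claims (for example `sub`) should be trusted for looking up the user.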