Release Notes for the nexys/oauth
package with Apple Sign-In with Apple implementation:
New Features
- Added
AppleSSOClient
class for implementing Sign-In with Apple flow using Apple's REST APIs. - The
AppleSSOClient
class extends theAbstractOAuth
class and provides the following methods:oAuthUrl
: Generates the authorization URL for redirecting the user to Apple's sign-in page.callback
: Handles the callback from Apple after the user authorizes the app and exchanges the authorization code for an access token.getProfile
: Retrieves the user's profile information from Apple's userInfo endpoint using the access token.
Usage
To use the AppleSSOClient
, you'll need to provide the following credentials from your Apple Developer Account:
clientId
: Your Client IDteamId
: Your Team IDkeyId
: Your Key IDprivateKey
: Your private keyredirectUrl
: The redirect URI registered with Apple
Example:
import AppleSSOClient from 'nexys/oauth/apple';
const clientId = 'YOUR_CLIENT_ID';
const teamId = 'YOUR_TEAM_ID';
const keyId = 'YOUR_KEY_ID';
const privateKey = 'YOUR_PRIVATE_KEY';
const redirectUrl = 'YOUR_REDIRECT_URI';
const appleClient = new AppleSSOClient(clientId, teamId, keyId, privateKey, redirectUrl);
// Generate the authorization URL
const authUrl = appleClient.oAuthUrl();
// Redirect the user to the authUrl
// Handle the callback from Apple
const code = 'CODE_FROM_APPLE'; // Get the code from the callback
const tokenResponse = await appleClient.callback(code);
const accessToken = tokenResponse.access_token;
// Get the user's profile information
const profileData = await appleClient.getProfile(accessToken);
console.log('User Profile:', profileData);
Dependencies
- The
AppleSSOClient
class depends on the following utilities:AbstractOAuth
class from../abstract.js
paramsToQueryString
function from../utils.js
secretFromPrivateKey
function from./utils.js
Types
- The
AppleProfile
interface defines the shape of the user profile data returned by Apple's userInfo endpoint.
interface AppleProfile {
name: string;
email: string;
sub: string; // unique user id
email_verified: boolean;
}
Notes
- The implementation uses the native
fetch
API for making HTTP requests to Apple's servers. - Error handling is included for failed requests, with error messages logged to the console and errors thrown.
- The
AppleSSOClient
class is designed to work with the existingAbstractOAuth
class and utilities in thenexys/oauth
package.