apple-sign-in-rest
Options
All
  • Public
  • Public/Protected
  • All
Menu

Hierarchy

  • AppleSignIn

Index

Constructors

Properties

Methods

Constructors

constructor

Properties

Private clientId

clientId: string

Private jwksClient

jwksClient: JwksClient

Private keyIdentifier

keyIdentifier: string

Private privateKey

privateKey: string

Private teamId

teamId: string

Methods

createClientSecret

  • createClientSecret(options: { expirationDuration?: undefined | number }): string

getAppleSigningKey

  • getAppleSigningKey(kid: string): Promise<SigningKey>

getAuthorizationToken

  • getAuthorizationToken(clientSecret: string, code: string, options: { redirectUri?: undefined | string }): Promise<AccessTokenResponse>

  • Parameters

    • clientSecret: string
    • code: string
    • options: { redirectUri?: undefined | string }
      • Optional redirectUri?: undefined | string

        The destination URI the code was originally sent to.

    Returns Promise<AccessTokenResponse>

getAuthorizationUrl

  • getAuthorizationUrl(options: { nonce?: undefined | string; redirectUri: string; scope?: undefined | ("name" | "email")[]; state?: undefined | string }): string

  • Function that generates a url that can be used to redirect the user and begin the "Sign in with Apple" flow.

    link

    https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/incorporating_sign_in_with_apple_into_other_platforms#3332113

    Parameters

    • options: { nonce?: undefined | string; redirectUri: string; scope?: undefined | ("name" | "email")[]; state?: undefined | string }
      • Optional nonce?: undefined | string

        A String value used to associate a client session with an ID token. This value is also used to mitigate replay attacks.

      • redirectUri: string

        The destination URI the code was originally sent to.

      • Optional scope?: undefined | ("name" | "email")[]

        The amount of user information requested from Apple.

        You can request the user’s "name" or "email". You can also choose to request both, or neither. Ommiting the property or providing any empty won't request any scopes.

        example

        ['email']

        example

        ['name', 'email']

      • Optional state?: undefined | string

        A unique and non-guessable value that helps prevent CSRF attacks. Usually a UUID string.

        link

        https://auth0.com/docs/protocols/oauth2/oauth-state

    Returns string

refreshAuthorizationToken

  • refreshAuthorizationToken(clientSecret: string, refreshToken: string): Promise<Pick<AccessTokenResponse, "access_token" | "expires_in" | "token_type">>

verifyIdToken

  • verifyIdToken(idToken: string, options: { ignoreExpiration?: undefined | boolean; nonce?: undefined | string; subject?: undefined | string }): Promise<AppleIdTokenType>

  • Verify identity of a give JsonWebToken string.

    Parameters

    • idToken: string
    • options: { ignoreExpiration?: undefined | boolean; nonce?: undefined | string; subject?: undefined | string }
      • Optional ignoreExpiration?: undefined | boolean

        If you want to handle expiration on your own or decode expired tokens you can set to ignore expiration

        default

        false

      • Optional nonce?: undefined | string

        The nonce parameter value needs to include per-session state and be unguessable to attackers.

      • Optional subject?: undefined | string

        If you want to check subject (sub) a.k.a "user_identifier"

    Returns Promise<AppleIdTokenType>

Legend

  • Constructor
  • Method
  • Property
  • Private property

Generated using TypeDoc