Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/rootstrap/apple_auth
Complete Ruby gem for Sign in with Apple. Actively maintained by rootstrap.com
https://github.com/rootstrap/apple_auth
apple apple-sign-in devise devise-token-auth hacktoberfest rails ruby rubygem sign-in-with-apple
Last synced: 4 days ago
JSON representation
Complete Ruby gem for Sign in with Apple. Actively maintained by rootstrap.com
- Host: GitHub
- URL: https://github.com/rootstrap/apple_auth
- Owner: rootstrap
- License: mit
- Created: 2020-05-07T19:46:51.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2024-10-09T17:35:00.000Z (3 months ago)
- Last Synced: 2024-12-15T12:03:12.750Z (11 days ago)
- Topics: apple, apple-sign-in, devise, devise-token-auth, hacktoberfest, rails, ruby, rubygem, sign-in-with-apple
- Language: Ruby
- Homepage: https://rootstrap.com
- Size: 71.3 KB
- Stars: 88
- Watchers: 13
- Forks: 19
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE.txt
- Code of conduct: CODE_OF_CONDUCT.md
- Codeowners: CODEOWNERS
Awesome Lists containing this project
README
# AppleAuth
[![Gem Version](https://badge.fury.io/rb/apple_auth.svg)](https://badge.fury.io/rb/apple_auth)
![CI](https://github.com/rootstrap/apple_auth/actions/workflows/ci.yml/badge.svg?branch=master)
[![Maintainability](https://api.codeclimate.com/v1/badges/78453501221a76e3806e/maintainability)](https://codeclimate.com/github/rootstrap/apple_sign_in/maintainability)
[![Test Coverage](https://api.codeclimate.com/v1/badges/78453501221a76e3806e/test_coverage)](https://codeclimate.com/github/rootstrap/apple_sign_in/test_coverage)## Installation
Add this line to your Gemfile:
```ruby
gem 'apple_auth'
```And then execute:
$ bundle install
Or install it yourself:
$ gem install apple_auth
---
After installing the gem, you need to run this generator.
$ rails g apple_auth:config
This will generate a new initializer: `apple_auth.rb` with the following default configuration:
```ruby
AppleAuth.configure do |config|
# config.apple_client_id =
# config.apple_private_key =
# config.apple_key_id =
# config.apple_team_id =
# config.redirect_uri =
end
```Set your different credentials in the file by uncommenting the lines and adding your keys.
---
## Usage
Here's an example of how to configure the gem:
```ruby
AppleAuth.configure do |config|
config.apple_client_id = 'com.yourapp...'
config.apple_private_key = "-----BEGIN PRIVATE KEY-----\nMIGTAgEA....\n-----END PRIVATE KEY-----"
config.apple_key_id = 'RTZ...'
config.apple_team_id = 'WNU...'
config.redirect_uri = 'https://localhost:3000'
end
```We strongly recommend to use environment variables for these values.
### Apple sign-in workflow:
![alt text](https://docs-assets.developer.apple.com/published/360d59b776/rendered2x-1592224731.png)
For more information, check the [Apple oficial documentation](https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api).
### Validate JWT token and get user information:
```ruby
# with a valid JWT
user_id = '000343.1d22d2937c7a4e56806dfb802b06c430...'
valid_jwt_token = 'eyJraWQiOiI4NkQ4OEtmIiwiYWxnIjoiUlMyNTYifQ.eyJpc...'
AppleAuth::UserIdentity.new(user_id, valid_jwt_token).validate!
>> { exp: 1595279622, email: "[email protected]", email_verified: true , ...}# with an invalid JWT
invalid_jwt_token = 'eyJraWQiOiI4NkQsd4OEtmIiwiYWxnIjoiUlMyNTYifQ.edsyJpc...'
AppleAuth::UserIdentity.new(user_id, invalid_jwt_token).validate!
>> Traceback (most recent call last):..
>> ...
>> AppleAuth::Conditions::JWTValidationError
```### Verify user identity and get access and refresh tokens:
```ruby
code = 'cfb77c21ecd444390a2c214cd33decdfb.0.mr...'
AppleAuth::Token.new(code).authenticate!
>> { access_token: "a7058d...", expires_at: 1595894672, refresh_token: "r8f1ce..." }
```### Handle server to server notifications
from the request parameter :payload
```ruby
# with a valid JWT
params[:payload] = "eyJraWQiOiJZ......"
AppleAuth::ServerIdentity.new(params[:payload]).validate!
>> {iss: "https://appleid.apple.com", exp: 1632224024, iat: 1632137624, jti: "yctpp1ZHaGCzaNB9PWB4DA",...}# with an invalid JWT
params[:payload] = "asdasdasdasd......"
AppleAuth::ServerIdentity.new(params[:payload]).validate!
>> JWT::VerificationError: Signature verification raised
```Implementation in a controller would look like this:
```ruby
class Hooks::AuthController < ApplicationControllerskip_before_action :verify_authenticity_token
# https://developer.apple.com/documentation/sign_in_with_apple/processing_changes_for_sign_in_with_apple_accounts
# NOTE: The Apple documentation states the events attribute as an array but is in fact a stringified json object
def apple
# will raise an error when the signature is invalid
payload = AppleAuth::ServerIdentity.new(params[:payload]).validate!
event = JSON.parse(payload[:events]).symbolize_keys
uid = event["sub"]
user = User.find_by!(provider: 'apple', uid: uid)case event[:type]
when "email-enabled", "email-disabled"
# Here we should update the user with the relay state
when "consent-revoked", "account-delete"
user.destroy!
else
throw event
end
render plain: "200 OK", status: :ok
end
end
```## Using with Devise
If you are using devise_token_auth gem, run this generator.
$ rails g apple_sign_in:apple_auth_controller [scope]
In the scope you need to write your path from controllers to your existent devise controllers.
An example `$ rails g apple_auth:apple_auth_controller api/v1/`
This will generate a new controller: `controllers/api/v1/apple_auth_controller.rb`.You should configure the route, you can wrap it in the devise_scope block like:
```
devise_scope :user do
resource :user, only: %i[update show] do
controller :apple_auth do
post :apple_auth, on: :collection, to: 'apple_auth#create'
end
end
end
```## Demo
You can find a full implementation of this gem in [this demo](https://github.com/rootstrap/apple-sign-in-rails).
## Development
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
## Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/rootstrap/apple_auth/issues. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/rootstrap/apple_auth/blob/master/CODE_OF_CONDUCT.md).
## License
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
## Code of Conduct
Everyone interacting in the AppleAuth project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/rootstrap/apple_auth/blob/master/CODE_OF_CONDUCT.md).
## Credits
apple_auth gem is maintained by [Rootstrap](http://www.rootstrap.com) with the help of our
[contributors](https://github.com/rootstrap/apple_auth/contributors).[](http://www.rootstrap.com)