omniauth-apple 1.0.2 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/rspec.yml +11 -10
- data/CHANGELOG.md +24 -4
- data/README.md +71 -0
- data/lib/omniauth/apple/version.rb +1 -1
- data/lib/omniauth/strategies/apple.rb +17 -2
- data/omniauth-apple.gemspec +2 -1
- metadata +17 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 221e35d0cf4add7e7015c2571ab6c36cd43119aa8ac1ebf6ad749e6d075ff342
|
4
|
+
data.tar.gz: ab591ea9afc76e0365a88d7838de284fd4eef30d9891f2cba73df4d718250738
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 52c7db989eae8f46ab8f76458d8b02b3df22de0f35116166d39ce970118a37901db7213f5d121f913f20b785c3c3b3c985b64cfacdd5cb5ced646ade4ad9182b
|
7
|
+
data.tar.gz: 96ca930d07a243a3ba6580702ddcace78d48d6b446ed1115c721535665c5607745c3dad76f9bed3cffb8cc897af0479485858fa4b48c7817e6e738c68762fe5c
|
data/.github/workflows/rspec.yml
CHANGED
@@ -6,21 +6,22 @@ on:
|
|
6
6
|
- master
|
7
7
|
pull_request:
|
8
8
|
|
9
|
+
permissions:
|
10
|
+
contents: read
|
11
|
+
|
9
12
|
jobs:
|
10
|
-
|
13
|
+
spec:
|
11
14
|
runs-on: ubuntu-latest
|
12
15
|
strategy:
|
13
16
|
fail-fast: false
|
14
17
|
matrix:
|
15
|
-
ruby: ['2.
|
18
|
+
ruby: ['2.6', '2.7', '3.0', '3.1']
|
16
19
|
steps:
|
17
|
-
- uses: actions/checkout@
|
18
|
-
- name: Set up Ruby
|
19
|
-
uses:
|
20
|
+
- uses: actions/checkout@v3
|
21
|
+
- name: Set up Ruby
|
22
|
+
uses: ruby/setup-ruby@v1
|
20
23
|
with:
|
21
24
|
ruby-version: ${{ matrix.ruby }}
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
bundle install --jobs 4 --retry 3
|
26
|
-
bundle exec rake spec
|
25
|
+
bundler-cache: true
|
26
|
+
- name: Run Specs
|
27
|
+
run: bundle exec rake spec
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,23 @@
|
|
1
1
|
## [Unreleased]
|
2
2
|
|
3
|
+
## [1.1.0] - 2022-09-27
|
4
|
+
|
5
|
+
### Fixed
|
6
|
+
|
7
|
+
- [#91](https://github.com/nhosoya/omniauth-apple/pull/91) explicitly specify auth_scheme for oauth2 v2+ support
|
8
|
+
|
9
|
+
## [1.1.0] - 2022-09-26
|
10
|
+
|
11
|
+
### Added
|
12
|
+
|
13
|
+
- [#67](https://github.com/nhosoya/omniauth-apple/pull/67) Add email_verified and is_private_email
|
14
|
+
|
15
|
+
### Fixed
|
16
|
+
|
17
|
+
- [#74](https://github.com/nhosoya/omniauth-apple/pull/74) rspec failure - callback_path null pointer
|
18
|
+
- [#81](https://github.com/nhosoya/omniauth-apple/pull/81) Allow for omniauth 2.0 series
|
19
|
+
- [#88](https://github.com/nhosoya/omniauth-apple/pull/88) update github actions config
|
20
|
+
|
3
21
|
## [1.0.2] - 2021-05-19
|
4
22
|
|
5
23
|
### Fixed
|
@@ -33,7 +51,7 @@
|
|
33
51
|
|
34
52
|
### Changed
|
35
53
|
|
36
|
-
- [#27](https://github.com/nhosoya/omniauth-apple/pull/27) Update development dependency
|
54
|
+
- [#27](https://github.com/nhosoya/omniauth-apple/pull/27) Update development dependency
|
37
55
|
- [#28](https://github.com/nhosoya/omniauth-apple/pull/28) Update README.md
|
38
56
|
- [#38](https://github.com/nhosoya/omniauth-apple/pull/38) Refine AuthHash
|
39
57
|
- [#39](https://github.com/nhosoya/omniauth-apple/pull/39) Set the default scope to 'email name'
|
@@ -44,7 +62,9 @@
|
|
44
62
|
|
45
63
|
## [0.0.1] - 2019-06-07
|
46
64
|
|
47
|
-
[Unreleased]: https://github.com/nhosoya/omniauth-apple/compare/v1.0
|
48
|
-
[1.
|
49
|
-
[1.0
|
65
|
+
[Unreleased]: https://github.com/nhosoya/omniauth-apple/compare/v1.2.0...master
|
66
|
+
[1.2.0]: https://github.com/nhosoya/omniauth-apple/compare/v1.1.0...v1.2.0
|
67
|
+
[1.1.0]: https://github.com/nhosoya/omniauth-apple/compare/v1.0.2...v1.1.0
|
50
68
|
[1.0.2]: https://github.com/nhosoya/omniauth-apple/compare/v1.0.1...v1.0.2
|
69
|
+
[1.0.1]: https://github.com/nhosoya/omniauth-apple/compare/v1.0.0...v1.0.1
|
70
|
+
[1.0.0]: https://github.com/nhosoya/omniauth-apple/compare/v0.0.3...v1.0.0
|
data/README.md
CHANGED
@@ -34,6 +34,77 @@ Rails.application.config.middleware.use OmniAuth::Builder do
|
|
34
34
|
end
|
35
35
|
```
|
36
36
|
|
37
|
+
## Configuring "Sign In with Apple"
|
38
|
+
|
39
|
+
_other Sign In with Apple guides:_
|
40
|
+
- ["How To" by janak amarasena (2019)](https://medium.com/identity-beyond-borders/how-to-configure-sign-in-with-apple-77c61e336003)
|
41
|
+
- [the docs, by Apple](https://developer.apple.com/sign-in-with-apple/)
|
42
|
+
|
43
|
+
### Look out for the values you need for your config
|
44
|
+
1. your domain and subdomains, something like: `myapp.com`, `www.myapp.com`
|
45
|
+
2. your redirect uri, something like: `https://myapp.com/users/auth/apple/callback` (check `rails routes` to be sure)
|
46
|
+
3. omniauth's "client id" will be Apple's "bundle id", something like: `com.myapp`
|
47
|
+
4. you will get the "team id" value from Apple when you create your _**App Id**_, something like: `H000000B`
|
48
|
+
5. Apple will give you a `.p8` file, which you'll use to GENERATE your `:pem` value
|
49
|
+
|
50
|
+
### Steps
|
51
|
+
|
52
|
+
1. Log into your [Apple Developer Account](https://idmsa.apple.com/IDMSWebAuth/signin?appIdKey=891bd3417a7776362562d2197f89480a8547b108fd934911bcbea0110d07f757&path=%2Faccount%2F&rv=1)
|
53
|
+
(if you don't have one, you can [create one here](https://appleid.apple.com/account?appId=632&returnUrl=https%3A%2F%2Fdeveloper.apple.com%2Faccount%2F))
|
54
|
+
|
55
|
+
2. Get an App Id with the "Sign In with Apple" capability
|
56
|
+
- go to your [Identifiers](https://developer.apple.com/account/resources/identifiers/list) list
|
57
|
+
- [start a new Identifier](https://developer.apple.com/account/resources/identifiers/add/bundleId) by clicking on the + sign in the Identifiers List
|
58
|
+
- select _**App IDs**_ and click _**continue**_
|
59
|
+
- select _**App**_ and _**continue**_
|
60
|
+
- enter a description and a bundle id
|
61
|
+
- check the **_"Sign In with Apple"_** capability
|
62
|
+
- save it
|
63
|
+
|
64
|
+
3. Get a Services Id (which we will use as our client id)
|
65
|
+
- go to your [Identifiers](https://developer.apple.com/account/resources/identifiers/list) list
|
66
|
+
- [start a new Identifier](https://developer.apple.com/account/resources/identifiers/add/bundleId) by clicking on the + sign in the Identifiers List
|
67
|
+
- select _**Services IDs**_ and click _**continue**_
|
68
|
+
- enter a description and a bundle id
|
69
|
+
- make sure **_"Sign In with Apple"_** is checked, then click _**configure**_
|
70
|
+
- make sure the Primary App ID matches the App ID you configured earlier
|
71
|
+
- enter all the subdomains you might use (comma delimited):
|
72
|
+
|
73
|
+
example.com,www.example.com
|
74
|
+
|
75
|
+
- enter all the redirect URLS you might use (comma delimited):
|
76
|
+
|
77
|
+
https://example.com/users/auth/apple/callback,https://example.com/users/auth/apple/callback
|
78
|
+
|
79
|
+
- save the "Sign In with Apple" capability config and the Service Id
|
80
|
+
|
81
|
+
4. Get a Secret Key
|
82
|
+
- go to your [Keys](https://developer.apple.com/account/resources/authkeys/list) list
|
83
|
+
- [start a new Key](https://developer.apple.com/account/resources/authkeys/add) by clicking on the + sign in the Keys List
|
84
|
+
- enter a name
|
85
|
+
- make sure **_"Sign In with Apple"_** is checked, then click _**configure**_
|
86
|
+
- make sure the Primary App ID matches the App ID you configured earlier
|
87
|
+
- save the "Sign In with Apple" capability
|
88
|
+
- click "continue" to finish the Key config (you will be prompted to _**Download Your Key**_)
|
89
|
+
- Apple will give you a `.p8` file, keep it safe and secure (don't commit it).
|
90
|
+
|
91
|
+
### Mapping Apple Values to OmniAuth Values
|
92
|
+
- your `:team_id` is in the top-right of your App Id config (aka _**App ID Prefix**_), it looks like: `H000000B`
|
93
|
+
- your `:client_id` is in the top-right of your Services Id config (aka _**Identifier**_), it looks like: `com.example`
|
94
|
+
- your `:key_id` is on the left side of your Key Details page, it looks like: `XYZ000000`
|
95
|
+
- your `:pem` is the content of the `.p8` file you got from Apple, _**with an extra newline at the end**_
|
96
|
+
|
97
|
+
- example from a Devise config:
|
98
|
+
|
99
|
+
```ruby
|
100
|
+
config.omniauth :apple, ENV['APPLE_SERVICE_BUNDLE_ID'], '', {
|
101
|
+
scope: 'email name',
|
102
|
+
team_id: ENV['APPLE_APP_ID_PREFIX'],
|
103
|
+
key_id: ENV['APPLE_KEY_ID'],
|
104
|
+
pem: ENV['APPLE_P8_FILE_CONTENT_WITH_EXTRA_NEWLINE']
|
105
|
+
}
|
106
|
+
```
|
107
|
+
|
37
108
|
## Contributing
|
38
109
|
|
39
110
|
Bug reports and pull requests are welcome on GitHub at https://github.com/nhosoya/omniauth-apple.
|
@@ -11,7 +11,8 @@ module OmniAuth
|
|
11
11
|
option :client_options,
|
12
12
|
site: 'https://appleid.apple.com',
|
13
13
|
authorize_url: '/auth/authorize',
|
14
|
-
token_url: '/auth/token'
|
14
|
+
token_url: '/auth/token',
|
15
|
+
auth_scheme: :request_body
|
15
16
|
option :authorize_params,
|
16
17
|
response_mode: 'form_post',
|
17
18
|
scope: 'email name'
|
@@ -19,6 +20,8 @@ module OmniAuth
|
|
19
20
|
|
20
21
|
uid { id_info['sub'] }
|
21
22
|
|
23
|
+
# Documentation on parameters
|
24
|
+
# https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/authenticating_users_with_sign_in_with_apple
|
22
25
|
info do
|
23
26
|
prune!(
|
24
27
|
sub: id_info['sub'],
|
@@ -26,6 +29,8 @@ module OmniAuth
|
|
26
29
|
first_name: first_name,
|
27
30
|
last_name: last_name,
|
28
31
|
name: (first_name || last_name) ? [first_name, last_name].join(' ') : email,
|
32
|
+
email_verified: email_verified,
|
33
|
+
is_private_email: is_private_email
|
29
34
|
)
|
30
35
|
end
|
31
36
|
|
@@ -38,12 +43,22 @@ module OmniAuth
|
|
38
43
|
::OAuth2::Client.new(client_id, client_secret, deep_symbolize(options.client_options))
|
39
44
|
end
|
40
45
|
|
46
|
+
def email_verified
|
47
|
+
value = id_info['email_verified']
|
48
|
+
value == true || value == "true"
|
49
|
+
end
|
50
|
+
|
51
|
+
def is_private_email
|
52
|
+
value = id_info['is_private_email']
|
53
|
+
value == true || value == "true"
|
54
|
+
end
|
55
|
+
|
41
56
|
def authorize_params
|
42
57
|
super.merge(nonce: new_nonce)
|
43
58
|
end
|
44
59
|
|
45
60
|
def callback_url
|
46
|
-
options[:redirect_uri] || (full_host +
|
61
|
+
options[:redirect_uri] || (full_host + callback_path)
|
47
62
|
end
|
48
63
|
|
49
64
|
private
|
data/omniauth-apple.gemspec
CHANGED
@@ -38,9 +38,10 @@ Gem::Specification.new do |spec|
|
|
38
38
|
|
39
39
|
spec.add_dependency 'omniauth-oauth2'
|
40
40
|
spec.add_dependency 'jwt'
|
41
|
+
spec.add_dependency 'rack-protection', '~> 2.0'
|
41
42
|
spec.add_development_dependency "bundler", "~> 2.0"
|
42
43
|
spec.add_development_dependency "rake", "~> 13.0"
|
43
44
|
spec.add_development_dependency "rspec", "~> 3.9"
|
44
45
|
spec.add_development_dependency "webmock", "~> 3.8"
|
45
|
-
spec.add_development_dependency
|
46
|
+
spec.add_development_dependency "simplecov", "~> 0.18"
|
46
47
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth-apple
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0
|
4
|
+
version: 1.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- nhosoya
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: exe
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2022-09-27 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: omniauth-oauth2
|
@@ -39,6 +39,20 @@ dependencies:
|
|
39
39
|
- - ">="
|
40
40
|
- !ruby/object:Gem::Version
|
41
41
|
version: '0'
|
42
|
+
- !ruby/object:Gem::Dependency
|
43
|
+
name: rack-protection
|
44
|
+
requirement: !ruby/object:Gem::Requirement
|
45
|
+
requirements:
|
46
|
+
- - "~>"
|
47
|
+
- !ruby/object:Gem::Version
|
48
|
+
version: '2.0'
|
49
|
+
type: :runtime
|
50
|
+
prerelease: false
|
51
|
+
version_requirements: !ruby/object:Gem::Requirement
|
52
|
+
requirements:
|
53
|
+
- - "~>"
|
54
|
+
- !ruby/object:Gem::Version
|
55
|
+
version: '2.0'
|
42
56
|
- !ruby/object:Gem::Dependency
|
43
57
|
name: bundler
|
44
58
|
requirement: !ruby/object:Gem::Requirement
|
@@ -150,7 +164,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
150
164
|
- !ruby/object:Gem::Version
|
151
165
|
version: '0'
|
152
166
|
requirements: []
|
153
|
-
rubygems_version: 3.
|
167
|
+
rubygems_version: 3.3.7
|
154
168
|
signing_key:
|
155
169
|
specification_version: 4
|
156
170
|
summary: OmniAuth strategy for Sign In with Apple
|