npm - @capawesome/capacitor-apple-sign-in - Versions diffs - 0.0.1 - Mend

@capawesome/capacitor-apple-sign-in 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

package/CapawesomeCapacitorAppleSignIn.podspec ADDED Viewed

@@ -0,0 +1,17 @@
+require 'json'
+package = JSON.parse(File.read(File.join(__dir__, 'package.json')))
+Pod::Spec.new do |s|
+  s.name = 'CapawesomeCapacitorAppleSignIn'
+  s.version = package['version']
+  s.summary = package['description']
+  s.license = package['license']
+  s.homepage = package['repository']['url']
+  s.author = package['author']
+  s.source = { :git => package['repository']['url'], :tag => s.version.to_s }
+  s.source_files = 'ios/Plugin/**/*.{swift,h,m,c,cc,mm,cpp}'
+  s.ios.deployment_target = '15.0'
+  s.dependency 'Capacitor'
+  s.swift_version = '5.1'
+end

package/Package.swift ADDED Viewed

@@ -0,0 +1,28 @@
+// swift-tools-version: 5.9
+import PackageDescription
+let package = Package(
+    name: "CapawesomeCapacitorAppleSignIn",
+    platforms: [.iOS(.v15)],
+    products: [
+        .library(
+            name: "CapawesomeCapacitorAppleSignIn",
+            targets: ["AppleSignInPlugin"])
+    ],
+    dependencies: [
+        .package(url: "https://github.com/ionic-team/capacitor-swift-pm.git", from: "8.0.0")
+    ],
+    targets: [
+        .target(
+            name: "AppleSignInPlugin",
+            dependencies: [
+                .product(name: "Capacitor", package: "capacitor-swift-pm"),
+                .product(name: "Cordova", package: "capacitor-swift-pm")
+            ],
+            path: "ios/Plugin"),
+        .testTarget(
+            name: "AppleSignInPluginTests",
+            dependencies: ["AppleSignInPlugin"],
+            path: "ios/PluginTests")
+    ]
+)

package/README.md ADDED Viewed

@@ -0,0 +1,220 @@
+# @capawesome/capacitor-apple-sign-in
+Unofficial Capacitor plugin to sign-in with Apple.[^1]
+<div class="capawesome-z29o10a">
+  <a href="https://cloud.capawesome.io/" target="_blank">
+    <img alt="Deliver Live Updates to your Capacitor app with Capawesome Cloud" src="https://cloud.capawesome.io/assets/banners/cloud-build-and-deploy-capacitor-apps.png?t=1" />
+  </a>
+</div>
+## Features
+We are proud to offer one of the most complete and feature-rich Capacitor plugins for Apple Sign-In. Here are some of the key features:
+- 🖥️ **Cross-platform**: Supports Android, iOS, and Web.
+- 🍎 **Native Sign-In**: Uses native AuthenticationServices on iOS.
+- 🌐 **WebView OAuth**: Implements Apple OAuth flow on Android without external dependencies.
+- 📧 **Scope support**: Request email and full name on all platforms.
+- 🔐 **Nonce & state**: Supports nonce for replay protection and state for CSRF protection.
+- 🪶 **Lightweight**: Just a single dependency and zero unnecessary bloat.
+- 🤝 **Compatibility**: Compatible with the [Google Sign-In](https://capawesome.io/plugins/google-sign-in) and [OAuth](https://capawesome.io/plugins/oauth) plugins.
+- 📦 **CocoaPods & SPM**: Supports CocoaPods and Swift Package Manager for iOS.
+- 🔁 **Up-to-date**: Always supports the latest Capacitor version.
+Missing a feature? Just [open an issue](https://github.com/capawesome-team/capacitor-plugins/issues) and we'll take a look!
+## Compatibility
+| Plugin Version | Capacitor Version | Status         |
+| -------------- | ----------------- | -------------- |
+| 0.1.x          | >=8.x.x           | Active support |
+## Guides
+- [How to Sign In with Apple using Capacitor](https://capawesome.io/blog/how-to-sign-in-with-apple-using-capacitor/)
+## Installation
+```bash
+npm install @capawesome/capacitor-apple-sign-in
+npx cap sync
+```
+### iOS
+Add the **Sign in with Apple** capability to your app in Xcode:
+1. Open your app target in Xcode.
+1. Go to the **Signing & Capabilities** tab.
+1. Click **+ Capability** and add **Sign in with Apple**.
+### Web
+The plugin loads the [Apple JS SDK](https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js) automatically.
+Make sure you have configured your Apple Service ID with the correct redirect URL and web domain in the [Apple Developer Portal](https://developer.apple.com/account/resources/identifiers/list/serviceId).
+## Configuration
+No configuration required for this plugin.
+## Usage
+```typescript
+import { AppleSignIn, SignInScope } from '@capawesome/capacitor-apple-sign-in';
+const initialize = async () => {
+  await AppleSignIn.initialize({
+    clientId: 'com.example.app.signin',
+  });
+};
+const signIn = async () => {
+  const result = await AppleSignIn.signIn({
+    scopes: [SignInScope.Email, SignInScope.FullName],
+    redirectUrl: 'https://example.com/callback',
+    nonce: 'random-nonce',
+    state: 'random-state',
+  });
+  return result;
+};
+```
+## API
+<docgen-index>
+* [`initialize(...)`](#initialize)
+* [`signIn(...)`](#signin)
+* [Interfaces](#interfaces)
+* [Enums](#enums)
+</docgen-index>
+<docgen-api>
+<!--Update the source file JSDoc comments and rerun docgen to update the docs below-->
+### initialize(...)
+```typescript
+initialize(options: InitializeOptions) => Promise<void>
+```
+Initialize the plugin.
+This method must be called before `signIn()` on **Android** and **Web**.
+Only available on Android and Web.
+| Param         | Type                                                            |
+| ------------- | --------------------------------------------------------------- |
+| **`options`** | <code><a href="#initializeoptions">InitializeOptions</a></code> |
+**Since:** 0.1.0
+--------------------
+### signIn(...)
+```typescript
+signIn(options?: SignInOptions | undefined) => Promise<SignInResult>
+```
+Sign in with Apple.
+| Param         | Type                                                    |
+| ------------- | ------------------------------------------------------- |
+| **`options`** | <code><a href="#signinoptions">SignInOptions</a></code> |
+**Returns:** <code>Promise&lt;<a href="#signinresult">SignInResult</a>&gt;</code>
+**Since:** 0.1.0
+--------------------
+### Interfaces
+#### InitializeOptions
+| Prop           | Type                | Description                              | Since |
+| -------------- | ------------------- | ---------------------------------------- | ----- |
+| **`clientId`** | <code>string</code> | The Apple Service ID to use for sign-in. | 0.1.0 |
+#### SignInResult
+| Prop                    | Type                                                      | Description                                                                                             | Since |
+| ----------------------- | --------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ----- |
+| **`authorizationCode`** | <code>string</code>                                       | The authorization code.                                                                                 | 0.1.0 |
+| **`idToken`**           | <code>string</code>                                       | The ID token (JWT).                                                                                     | 0.1.0 |
+| **`user`**              | <code>string</code>                                       | The stable Apple user identifier. On **Android** and **Web**, this is decoded from the JWT `sub` claim. | 0.1.0 |
+| **`email`**             | <code>string \| null</code>                               | The user's email address. On **iOS**, this is only provided on the first sign-in.                       | 0.1.0 |
+| **`givenName`**         | <code>string \| null</code>                               | The user's given name. On **iOS**, this is only provided on the first sign-in.                          | 0.1.0 |
+| **`familyName`**        | <code>string \| null</code>                               | The user's family name. On **iOS**, this is only provided on the first sign-in.                         | 0.1.0 |
+| **`state`**             | <code>string</code>                                       | The state value from the sign-in request. Only available on Android and Web.                            | 0.1.0 |
+| **`realUserStatus`**    | <code><a href="#realuserstatus">RealUserStatus</a></code> | The real user status. Only available on iOS.                                                            | 0.1.0 |
+#### SignInOptions
+| Prop              | Type                       | Description                                                                   | Since |
+| ----------------- | -------------------------- | ----------------------------------------------------------------------------- | ----- |
+| **`redirectUrl`** | <code>string</code>        | The OAuth redirect URL to use for sign-in. Only available on Android and Web. | 0.1.0 |
+| **`scopes`**      | <code>SignInScope[]</code> | The scopes to request during sign-in.                                         | 0.1.0 |
+| **`nonce`**       | <code>string</code>        | A nonce for replay protection.                                                | 0.1.0 |
+| **`state`**       | <code>string</code>        | A state value for CSRF protection. Only available on Android and Web.         | 0.1.0 |
+### Enums
+#### RealUserStatus
+| Members           | Value                      | Description                                                   | Since |
+| ----------------- | -------------------------- | ------------------------------------------------------------- | ----- |
+| **`LikelyReal`**  | <code>'LIKELY_REAL'</code> | The user appears to be a real person.                         | 0.1.0 |
+| **`Unknown`**     | <code>'UNKNOWN'</code>     | The system can't determine whether the user is a real person. | 0.1.0 |
+| **`Unsupported`** | <code>'UNSUPPORTED'</code> | The real user status is not supported on this platform.       | 0.1.0 |
+#### SignInScope
+| Members        | Value                    | Description                       | Since |
+| -------------- | ------------------------ | --------------------------------- | ----- |
+| **`Email`**    | <code>'EMAIL'</code>     | Request the user's email address. | 0.1.0 |
+| **`FullName`** | <code>'FULL_NAME'</code> | Request the user's full name.     | 0.1.0 |
+</docgen-api>
+## Security
+This plugin handles the OAuth flow and returns tokens to your app. To keep your integration secure, be aware of the following:
+- **Server-side token verification is required.** The `idToken` (JWT) is **not** verified client-side. Your backend **must** verify the JWT signature using [Apple's public keys](https://appleid.apple.com/auth/keys) before trusting any claims (e.g. `user`, `email`). Never use client-side token data for authorization decisions without server-side verification.
+- **Validate the `state` parameter.** The plugin passes the `state` value through to the result but does **not** validate it. Your app must compare the returned `state` against the value it originally sent to protect against CSRF attacks.
+- **Android uses a WebView-based OAuth flow.** Unlike iOS (which uses native `AuthenticationServices`), the Android implementation renders Apple's sign-in page in a WebView. Unlike a system browser flow, the WebView is controlled by the app and has access to page content. Ensure your `redirectUrl` uses HTTPS and points to a domain you control.
+## FAQ
+### What's the difference between this plugin and other Apple Sign-In plugins?
+This plugin is purpose-built for Apple Sign-In and focuses on providing a clean and modern API with the latest platform features. Here are some of the key differences:
+- **Cross-platform**: Supports Android, iOS, and Web.
+- **Lightweight**: No unnecessary dependencies. Just Apple Sign-In, nothing else.
+- **No deprecated APIs**: Uses the latest platform APIs (AuthenticationServices on iOS).
+- **Scope support**: Request email and full name on all platforms.
+- **Error codes**: Provides typed error codes for proper error handling.
+## Changelog
+See [CHANGELOG.md](https://github.com/capawesome-team/capacitor-plugins/blob/main/packages/apple-sign-in/CHANGELOG.md).
+## License
+See [LICENSE](https://github.com/capawesome-team/capacitor-plugins/blob/main/packages/apple-sign-in/LICENSE).
+[^1]: This project is not affiliated with, endorsed by, sponsored by, or approved by Apple Inc. or any of their affiliates or subsidiaries.

package/android/build.gradle ADDED Viewed

@@ -0,0 +1,58 @@
+ext {
+    junitVersion = project.hasProperty('junitVersion') ? rootProject.ext.junitVersion : '4.13.2'
+    androidxAppCompatVersion = project.hasProperty('androidxAppCompatVersion') ? rootProject.ext.androidxAppCompatVersion : '1.7.1'
+    androidxJunitVersion = project.hasProperty('androidxJunitVersion') ? rootProject.ext.androidxJunitVersion : '1.3.0'
+    androidxEspressoCoreVersion = project.hasProperty('androidxEspressoCoreVersion') ? rootProject.ext.androidxEspressoCoreVersion : '3.7.0'
+}
+buildscript {
+    repositories {
+        google()
+        mavenCentral()
+    }
+    dependencies {
+        classpath 'com.android.tools.build:gradle:8.13.0'
+    }
+}
+apply plugin: 'com.android.library'
+android {
+    namespace = "io.capawesome.capacitorjs.plugins.applesignin"
+    compileSdk = project.hasProperty('compileSdkVersion') ? rootProject.ext.compileSdkVersion : 36
+    defaultConfig {
+        minSdkVersion project.hasProperty('minSdkVersion') ? rootProject.ext.minSdkVersion : 24
+        targetSdkVersion project.hasProperty('targetSdkVersion') ? rootProject.ext.targetSdkVersion : 36
+        versionCode 1
+        versionName "1.0"
+        testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
+    }
+    buildTypes {
+        release {
+            minifyEnabled false
+            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
+        }
+    }
+    lintOptions {
+        abortOnError = false
+    }
+    compileOptions {
+        sourceCompatibility JavaVersion.VERSION_21
+        targetCompatibility JavaVersion.VERSION_21
+    }
+}
+repositories {
+    google()
+    mavenCentral()
+}
+dependencies {
+    implementation fileTree(dir: 'libs', include: ['*.jar'])
+    implementation project(':capacitor-android')
+    implementation "androidx.appcompat:appcompat:$androidxAppCompatVersion"
+    testImplementation "junit:junit:$junitVersion"
+    androidTestImplementation "androidx.test.ext:junit:$androidxJunitVersion"
+    androidTestImplementation "androidx.test.espresso:espresso-core:$androidxEspressoCoreVersion"
+}

package/android/src/main/AndroidManifest.xml ADDED Viewed

@@ -0,0 +1,9 @@
+<manifest xmlns:android="http://schemas.android.com/apk/res/android">
+    <uses-permission android:name="android.permission.INTERNET" />
+    <application>
+        <activity
+            android:name=".AppleSignInActivity"
+            android:exported="false"
+            android:theme="@style/Theme.AppCompat.Light.NoActionBar" />
+    </application>
+</manifest>

package/android/src/main/java/io/capawesome/capacitorjs/plugins/applesignin/AppleSignIn.java ADDED Viewed

@@ -0,0 +1,98 @@
+package io.capawesome.capacitorjs.plugins.applesignin;
+import android.content.Intent;
+import android.net.Uri;
+import android.util.Base64;
+import androidx.annotation.NonNull;
+import androidx.annotation.Nullable;
+import io.capawesome.capacitorjs.plugins.applesignin.classes.CustomExceptions;
+import io.capawesome.capacitorjs.plugins.applesignin.classes.options.SignInOptions;
+import io.capawesome.capacitorjs.plugins.applesignin.classes.results.SignInResult;
+import io.capawesome.capacitorjs.plugins.applesignin.interfaces.NonEmptyResultCallback;
+import java.nio.charset.StandardCharsets;
+import java.util.List;
+import org.json.JSONObject;
+public class AppleSignIn {
+    private static final String AUTH_URL = "https://appleid.apple.com/auth/authorize";
+    @Nullable
+    private String clientId;
+    public void initialize(@NonNull String clientId) {
+        this.clientId = clientId;
+    }
+    @NonNull
+    public String buildAuthUrl(@NonNull SignInOptions options) throws Exception {
+        if (clientId == null) {
+            throw CustomExceptions.CLIENT_ID_MISSING;
+        }
+        Uri.Builder builder = Uri.parse(AUTH_URL)
+            .buildUpon()
+            .appendQueryParameter("client_id", clientId)
+            .appendQueryParameter("redirect_uri", options.getRedirectUrl())
+            .appendQueryParameter("response_type", "code id_token")
+            .appendQueryParameter("response_mode", "form_post");
+        List<String> scopes = options.getScopes();
+        if (!scopes.isEmpty()) {
+            builder.appendQueryParameter("scope", String.join(" ", scopes));
+        }
+        String nonce = options.getNonce();
+        if (nonce != null) {
+            builder.appendQueryParameter("nonce", nonce);
+        }
+        String state = options.getState();
+        if (state != null) {
+            builder.appendQueryParameter("state", state);
+        }
+        return builder.build().toString();
+    }
+    public void handleActivityResult(int resultCode, @Nullable Intent data, @NonNull NonEmptyResultCallback<SignInResult> callback) {
+        if (resultCode != android.app.Activity.RESULT_OK || data == null) {
+            callback.error(CustomExceptions.SIGN_IN_CANCELED);
+            return;
+        }
+        String authorizationCode = data.getStringExtra(AppleSignInActivity.EXTRA_AUTHORIZATION_CODE);
+        String idToken = data.getStringExtra(AppleSignInActivity.EXTRA_ID_TOKEN);
+        String state = data.getStringExtra(AppleSignInActivity.EXTRA_STATE);
+        String email = data.getStringExtra(AppleSignInActivity.EXTRA_EMAIL);
+        String givenName = data.getStringExtra(AppleSignInActivity.EXTRA_GIVEN_NAME);
+        String familyName = data.getStringExtra(AppleSignInActivity.EXTRA_FAMILY_NAME);
+        if (authorizationCode == null || idToken == null) {
+            callback.error(CustomExceptions.SIGN_IN_FAILED);
+            return;
+        }
+        String user = null;
+        try {
+            JSONObject payload = decodeJwtPayload(idToken);
+            user = payload.getString("sub");
+            if (email == null) {
+                email = payload.optString("email", null);
+            }
+        } catch (Exception e) {
+            callback.error(CustomExceptions.SIGN_IN_FAILED);
+            return;
+        }
+        SignInResult result = new SignInResult(authorizationCode, idToken, user, email, givenName, familyName, state);
+        callback.success(result);
+    }
+    @NonNull
+    private static JSONObject decodeJwtPayload(@NonNull String jwt) throws Exception {
+        String[] parts = jwt.split("\\.");
+        byte[] decoded = Base64.decode(parts[1], Base64.URL_SAFE | Base64.NO_PADDING | Base64.NO_WRAP);
+        return new JSONObject(new String(decoded, StandardCharsets.UTF_8));
+    }
+}