Add a very basic Sign In with Apple provider based on currently available information.

Fully implement the provider for Sign In with Apple based on current available functionality.

Enable Sign In with Apple in the MVC sample app without hard-coding secrets.

Update the tests for the updated provider implementation.
Fix incorrect test method name.

Enable the validation of token lifetimes.

Add [NotNull] attributes to relevant methods.

Pre-validate the ID token has a value.
Change catch clause to improve logging.

Extend the integration tests for additional scenarios such as no validation, invalid tokens and using a configured client secret.

Move the configured lifetime for generated client secrets to the options class.

Add validation for the value of ClientSecretExpiresAfter.

Add unit tests for options validation.
Improve exception type.
Fix incorrect if condition that meant not all values were validated correctly.

Add unit tests for the generated client secret's format.

Make the KeyId option required if GenerateClientSecret is true.

Fix the expiry not being set.

Work around platform differences between Windows and Linux/macOS by supporting .p12/.pfx certificates for Linux/macOS and using p8 for Windows.
.NET Core 3.0 adds support for .p8 on both platforms.

Add an option for specifying a password for PFX files.
Add a test private key that has a password for use on macOS.

Fix flaky test by setting the expiry to 2 seconds to eliminate rounding issues.

Add UsePrivateKey() extension method that configures a private key file to use to auto-generate client secrets.

Bump System.IdentityModel.Tokens.Jwt to 5.3.0 to ensure that incompatibility with .NET Standard 1.4 doesn't affect consumers.

React to changes Apple have made to the sign-in service, and use form_post as the response mode.
This requires reimplementing HandleRemoteAuthenticateAsync() by using either for Form or Query based on whether it is an HTTP POST.

Fix the build by enabling the latest version of C#.

Get the user's name and email address, if available, as claims after signing in with an Apple ID. These details are only available the first time the user signs in; if they are not persisted they cannot currently be obtained again.

Use "Sign in with Apple" instead of "Sign In with Apple".

Use the same approach as the other OAuth handlers and access the Events property via the Options property.

Remove TODO comment.
Check whether Trace logging is enabled before logging the Apple token response.

Comment out the Apple provider as it causes the application to fail to start if the values aren't set and/or the key file does not exist.