package social
import (
"context"
"fmt"
"github.com/Timothylock/go-signin-with-apple/apple"
)
// Apple holds the Sign in with Apple credentials this package needs to
// exchange an authorization code for user data. NewAppleSocial returns it as
// an IUserData.
type Apple struct {
	// teamID is passed to apple.GenerateClientSecret together with keyID.
	teamID string
	// clientID is used for non-Android callers, androidClientID for Android
	// callers; GetUserData rejects a call whose matching ID is empty.
	clientID, androidClientID string
	// keyID is passed to apple.GenerateClientSecret together with teamID.
	keyID string
	// privateKey is the signing key handed to apple.GenerateClientSecret.
	// It is secret material: keep it out of logs, error messages and any
	// serialised form of this struct.
	privateKey string
}
// NewAppleSocial builds the Sign in with Apple provider from the given
// credentials and returns it as an IUserData.
//
// No argument is validated here; GetUserData reports an empty clientID or
// androidClientID at call time. privateKey is stored as given and later used
// to sign the client secret, so callers should load it from a secret store
// rather than from source or logs.
func NewAppleSocial(teamID, clientID, androidClientID, keyID, privateKey string) IUserData {
	provider := new(Apple)
	provider.teamID = teamID
	provider.clientID = clientID
	provider.androidClientID = androidClientID
	provider.keyID = keyID
	provider.privateKey = privateKey
	return provider
}
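// GetUserData exchanges an Apple authorization code for the user's identifier
// and email address.
//
// token is sent to Apple as AppValidationTokenRequest.Code, i.e. it is the
// authorization code obtained by the client, not an identity token. isAndroid
// selects androidClientID instead of clientID for both the client secret and
// the validation request.
//
// It returns an error when the selected client ID is empty, when the client
// secret cannot be generated, when the validation call fails or Apple reports
// an error, or when the returned ID token lacks a usable "sub" or "email"
// claim.
//
// NOTE(review): the "email_verified" claim is not inspected here, and Apple
// may return a relay address; callers should key accounts on UserData.ID
// ("sub") rather than on Email — confirm against the account-linking code.
func (a *Apple) GetUserData(ctx context.Context, token string, isAndroid bool) (*UserData, error) {
	clientID := a.clientID
	if isAndroid {
		clientID = a.androidClientID
	}
	if clientID == "" {
		if isAndroid {
			return nil, fmt.Errorf("you must set androidClientID")
		}
		return nil, fmt.Errorf("you must set clientID")
	}

	secret, err := apple.GenerateClientSecret(a.privateKey, a.teamID, clientID, a.keyID)
	if err != nil {
		return nil, fmt.Errorf("generating apple client secret: %w", err)
	}

	client := apple.New()
	req := apple.AppValidationTokenRequest{
		ClientID:     clientID,
		ClientSecret: secret,
		Code:         token,
	}

	var resp apple.ValidationResponse
	if err := client.VerifyAppToken(ctx, req, &resp); err != nil {
		return nil, fmt.Errorf("validating apple authorization code: %w", err)
	}
	if resp.Error != "" {
		// resp.Error is remote-supplied text: pass it as an argument, never
		// as the format string, so a '%' in it cannot be misinterpreted.
		return nil, fmt.Errorf("%s", resp.Error)
	}

	// NOTE(review): presumably GetClaims only decodes the ID token and does
	// not verify its signature; that is acceptable only because the token was
	// just received from Apple's endpoint in the call above — confirm, and do
	// not reuse this path for tokens supplied by the client.
	claim, err := apple.GetClaims(resp.IDToken)
	if err != nil {
		return nil, fmt.Errorf("decoding apple id token claims: %w", err)
	}
	if claim == nil {
		return nil, fmt.Errorf("apple returned no claims")
	}

	idClaim, ok := (*claim)["sub"]
	if !ok {
		return nil, fmt.Errorf("apple returned claims with 'sub' missing")
	}
	// Checked assertions: a claim of an unexpected JSON type must produce an
	// error, not a panic in the request path.
	id, ok := idClaim.(string)
	if !ok || id == "" {
		return nil, fmt.Errorf("apple returned claims with 'sub' not a non-empty string")
	}

	emailClaim, ok := (*claim)["email"]
	if !ok {
		return nil, fmt.Errorf("apple returned claims with 'email' missing")
	}
	email, ok := emailClaim.(string)
	if !ok {
		return nil, fmt.Errorf("apple returned claims with 'email' not a string")
	}

	return &UserData{ID: id, Email: email}, nil
}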