Add this line to your Gemfile:
gem 'apple_auth'
And then execute:
$ bundle install
Or install it yourself:
$ gem install apple_auth
After installing the gem, you need to run this generator.
$ rails g apple_auth:config
This will generate a new initializer: apple_auth.rb
with the following default configuration:
AppleAuth.configure do |config|
# config.apple_client_id = <Your client_id in your Apple Developer account>
# config.apple_private_key = <Your private key provided by Apple>
# config.apple_key_id = <Your kid provided by Apple>
# config.apple_team_id = <Your team id provided by Apple>
# config.redirect_uri = <Your app redicrect url>
end
Set your different credentials in the file by uncommenting the lines and adding your keys.
Here's an example of how to configure the gem:
AppleAuth.configure do |config|
config.apple_client_id = 'com.yourapp...'
config.apple_private_key = "-----BEGIN PRIVATE KEY-----\nMIGTAgEA....\n-----END PRIVATE KEY-----"
config.apple_key_id = 'RTZ...'
config.apple_team_id = 'WNU...'
config.redirect_uri = 'https://localhost:3000'
end
We strongly recommend to use environment variables for these values.
Apple sign-in workflow:
For more information, check the Apple oficial documentation.
Validate JWT token and get user information:
# with a valid JWT
user_id = '000343.1d22d2937c7a4e56806dfb802b06c430...'
valid_jwt_token = 'eyJraWQiOiI4NkQ4OEtmIiwiYWxnIjoiUlMyNTYifQ.eyJpc...'
AppleAuth::UserIdentity.new(user_id, valid_jwt_token).validate!
>> { exp: 1595279622, email: "[email protected]", email_verified: true , ...}
# with an invalid JWT
invalid_jwt_token = 'eyJraWQiOiI4NkQsd4OEtmIiwiYWxnIjoiUlMyNTYifQ.edsyJpc...'
AppleAuth::UserIdentity.new(user_id, invalid_jwt_token).validate!
>> Traceback (most recent call last):..
>> ...
>> AppleAuth::Conditions::JWTValidationError
Verify user identity and get access and refresh tokens:
code = 'cfb77c21ecd444390a2c214cd33decdfb.0.mr...'
AppleAuth::Token.new(code).authenticate!
>> { access_token: "a7058d...", expires_at: 1595894672, refresh_token: "r8f1ce..." }
If you are using devise_token_auth gem, run this generator.
$ rails g apple_sign_in:appple_auth_controller [scope]
In the scope you need to write your path from controllers to your existent devise controllers.
An example $ rails g apple_auth:appple_auth_controller api/v1/
This will generate a new controller: controllers/api/v1/apple_auth_controller.rb
.
You should configure the route, you can wrap it in the devise_scope block like:
devise_scope :user do
resource :user, only: %i[update show] do
controller :apple_auth do
post :apple_auth, on: :collection, to: 'apple_auth#create'
end
end
end
You can find a full implementation of this gem in this demo.
After checking out the repo, run bin/setup
to install dependencies. Then, run rake spec
to run the tests. You can also run bin/console
for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install
. To release a new version, update the version number in version.rb
, and then run bundle exec rake release
, which will create a git tag for the version, push git commits and tags, and push the .gem
file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/rootstrap/apple_auth/issues. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the code of conduct.
The gem is available as open source under the terms of the MIT License.
Everyone interacting in the AppleAuth project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.
apple_auth gem is maintained by Rootstrap with the help of our contributors.