Documentation
Index
- Constants
- func GenerateClientSecret(secret, teamID, clientID, keyID string) (string, error)
- func GetClaims(idToken string) (*jwt.Claims, error)
- func GetUniqueID(idToken string) (string, error)
- type AppValidationTokenRequest
- type Client
- func (c *Client) VerifyAppToken(ctx context.Context, reqBody AppValidationTokenRequest, result interface{}) error
- func (c *Client) VerifyRefreshToken(ctx context.Context, reqBody ValidationRefreshRequest, result interface{}) error
- func (c *Client) VerifyWebToken(ctx context.Context, reqBody WebValidationTokenRequest, result interface{}) error
- type RefreshResponse
- type ValidationClient
- type ValidationRefreshRequest
- type ValidationResponse
- type WebValidationTokenRequest
Constants
const (
	// ValidationURL is the endpoint for verifying tokens
	ValidationURL string = "https://appleid.apple.com/auth/token"
	// ContentType is the one expected by Apple
	ContentType string = "application/x-www-form-urlencoded"
	// UserAgent is required by Apple or the request will fail
	UserAgent string = "go-sign-with-apple"
	// AcceptHeader is the content that we are willing to accept
	AcceptHeader string = "application/json"
)
Variables
This section is empty.
Functions
func GenerateClientSecret
GenerateClientSecret generates the client secret used to make requests to the validation server. The secret expires after 6 months.
secret - Private key from Apple obtained by going to the keys section of the developer section
teamID - Your 10-character Team ID
clientID - Your Services ID, e.g. com.aaronparecki.services
keyID - Find the 10-char Key ID value from the portal
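The kind of token GenerateClientSecret is described as producing, rebuilt with only the Go standard library as an added example (not this package's code). The claim layout follows Apple's documentation for the client secret; buildClientSecret, verifyClientSecret, the throwaway keys, the identifier values and the 180-day lifetime are assumptions made for the illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// Throwaway P-256 keys, constructed for this example in place of the .p8 key from Apple.
var demoKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
var otherKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)

// buildClientSecret signs an ES256 JWT; 180 days keeps exp under the 6-month limit.
func buildClientSecret(key *ecdsa.PrivateKey, teamID, clientID, keyID string, now time.Time) (string, error) {
	header, _ := json.Marshal(map[string]string{"alg": "ES256", "kid": keyID})
	claims, _ := json.Marshal(map[string]interface{}{"iss": teamID, "sub": clientID,
		"aud": "https://appleid.apple.com", "iat": now.Unix(), "exp": now.Add(180 * 24 * time.Hour).Unix()})
	input := base64.RawURLEncoding.EncodeToString(header) + "." + base64.RawURLEncoding.EncodeToString(claims)
	digest := sha256.Sum256([]byte(input))
	r, s, err := ecdsa.Sign(rand.Reader, key, digest[:])
	if err != nil {
		return "", err
	}
	// JWS ES256 signatures are fixed-width r||s (32 bytes each), not ASN.1 DER.
	sig := append(r.FillBytes(make([]byte, 32)), s.FillBytes(make([]byte, 32))...)
	return input + "." + base64.RawURLEncoding.EncodeToString(sig), nil
}

// verifyClientSecret checks the signature the way a receiving server would.
func verifyClientSecret(pub *ecdsa.PublicKey, token string) bool {
	parts := strings.Split(token, ".")
	sig, err := base64.RawURLEncoding.DecodeString(parts[len(parts)-1])
	if len(parts) != 3 || err != nil || len(sig) != 64 {
		return false
	}
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	return ecdsa.Verify(pub, digest[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:]))
}

func main() {
	tok, _ := buildClientSecret(demoKey, "TEAMID1234", "com.example.services", "KEYID12345", time.Now())
	fmt.Println(verifyClientSecret(&demoKey.PublicKey, tok), verifyClientSecret(&otherKey.PublicKey, tok)) // true false
}
```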
func GetClaims
GetClaims decodes the id_token response and returns the JWT claims to identify the user
func GetUniqueID
GetUniqueID decodes the id_token response and returns the unique subject ID to identify the user
Types
type AppValidationTokenRequest
type AppValidationTokenRequest struct {
	// ClientID is the package name of your app
	ClientID string

	// ClientSecret is secret generated as a JSON Web Token that uses the secret key generated by the WWDR portal.
	// It can also be generated using the GenerateClientSecret function provided in this package
	ClientSecret string

	// Code is the authorization code received from your application’s user agent.
	// The code is single use only and valid for five minutes.
	Code string
}
AppValidationTokenRequest is based off of https://developer.apple.com/documentation/signinwithapplerestapi/generate_and_validate_tokens
type Client
type Client struct {
// contains filtered or unexported fields
}
Client implements ValidationClient
func NewWithURL
NewWithURL creates a Client object with a custom URL provided
func (*Client) VerifyAppToken
func (c *Client) VerifyAppToken(ctx context.Context, reqBody AppValidationTokenRequest, result interface{}) error
VerifyAppToken sends the AppValidationTokenRequest and gets validation result
func (*Client) VerifyRefreshToken
func (c *Client) VerifyRefreshToken(ctx context.Context, reqBody ValidationRefreshRequest, result interface{}) error
VerifyRefreshToken sends the ValidationRefreshRequest and gets validation result
func (*Client) VerifyWebToken
func (c *Client) VerifyWebToken(ctx context.Context, reqBody WebValidationTokenRequest, result interface{}) error
VerifyWebToken sends the WebValidationTokenRequest and gets validation result
type RefreshResponse
type RefreshResponse struct {
	// (Reserved for future use) A token used to access allowed data. Currently, no data set has been defined for access.
	AccessToken string `json:"access_token"`

	// The type of access token. It will always be "bearer".
	TokenType string `json:"token_type"`

	// The amount of time, in seconds, before the access token expires. You can revalidate with this token
	ExpiresIn int `json:"expires_in"`

	// Used to capture any error returned by the endpoint. Do not trust the response if this error is not nil
	Error string `json:"error"`
}
RefreshResponse is a subset of ValidationResponse returned by Apple
type ValidationClient
type ValidationClient interface {
	VerifyWebToken(ctx context.Context, reqBody WebValidationTokenRequest, result interface{}) error
	VerifyAppToken(ctx context.Context, reqBody AppValidationTokenRequest, result interface{}) error
	VerifyRefreshToken(ctx context.Context, reqBody ValidationRefreshRequest, result interface{}) error
}
ValidationClient is an interface to call the validation API
type ValidationRefreshRequest
type ValidationRefreshRequest struct {
	// ClientID is the "Services ID" value that you get when navigating to your "sign in with Apple"-enabled service ID
	ClientID string

	// ClientSecret is secret generated as a JSON Web Token that uses the secret key generated by the WWDR portal.
	// It can also be generated using the GenerateClientSecret function provided in this package
	ClientSecret string

	// RefreshToken is the refresh token given during a previous validation
	RefreshToken string
}
ValidationRefreshRequest is based off of https://developer.apple.com/documentation/signinwithapplerestapi/generate_and_validate_tokens
type ValidationResponse
type ValidationResponse struct {
	// (Reserved for future use) A token used to access allowed data. Currently, no data set has been defined for access.
	AccessToken string `json:"access_token"`

	// The type of access token. It will always be "bearer".
	TokenType string `json:"token_type"`

	// The amount of time, in seconds, before the access token expires. You can revalidate with the "RefreshToken"
	ExpiresIn int `json:"expires_in"`

	// The refresh token used to regenerate new access tokens. Store this token securely on your server.
	RefreshToken string `json:"refresh_token"`

	// A JSON Web Token that contains the user’s identity information.
	IDToken string `json:"id_token"`

	// Used to capture any error returned by the endpoint. Do not trust the response if this error is not nil
	Error string `json:"error"`
}
ValidationResponse is based off of https://developer.apple.com/documentation/signinwithapplerestapi/tokenresponse
type WebValidationTokenRequest
type WebValidationTokenRequest struct {
	// ClientID is the "Services ID" value that you get when navigating to your "sign in with Apple"-enabled service ID
	ClientID string

	// ClientSecret is secret generated as a JSON Web Token that uses the secret key generated by the WWDR portal.
	// It can also be generated using the GenerateClientSecret function provided in this package
	ClientSecret string

	// Code is the authorization code received from your application’s user agent.
	// The code is single use only and valid for five minutes.
	Code string

	// RedirectURI is the destination URI the code was originally sent to.
	// Redirect URLs must be registered with Apple. You can register up to 10. Apple will throw an error with IP address
	// URLs on the authorization screen, and will not let you add localhost in the developer portal.
	RedirectURI string
}
WebValidationTokenRequest is based off of https://developer.apple.com/documentation/signinwithapplerestapi/generate_and_validate_tokens