feat: add apple sign-in (#59)

aecorredor · web-flow · commit 3ad50d2a55d3 · 2020-07-17T14:32:39.000+02:00
diff --git a/README.md b/README.md
@@ -48,6 +48,7 @@ fastify.get('/login/facebook/callback', async function (request, reply) {
 
 You can choose some default setup to assign to `auth` option.
 
+- `APPLE_CONFIGURATION`
 - `FACEBOOK_CONFIGURATION`
 - `GITHUB_CONFIGURATION`
 - `LINKEDIN_CONFIGURATION`
diff --git a/examples/apple.js b/examples/apple.js
@@ -0,0 +1,60 @@
+'use strict'
+
+// This example assumes the use of the npm package apple-signin in your code.
+// This library is not included with fastify-oauth2. If you wish to implement
+// the verification part of Apple's Sign In REST API yourself,
+// look at https://github.com/Techofficer/node-apple-signin to see how they did
+// it, or look at https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api
+// for more details on how to do it from scratch.
+
+const fastify = require('fastify')({ logger: { level: 'trace' } })
+const appleSignin = require('apple-signin')
+
+const oauthPlugin = require('..')
+
+const CLIENT_ID = '<CLIENT_ID>'
+
+fastify.register(oauthPlugin, {
+  name: 'appleOAuth2',
+  credentials: {
+    client: {
+      id: CLIENT_ID,
+      // See https://github.com/Techofficer/node-apple-signin/blob/master/source/index.js
+      // for how to create the secret.
+      secret: '<CLIENT_SECRET>'
+    },
+    auth: oauthPlugin.APPLE_CONFIGURATION
+  },
+  startRedirectPath: '/login/apple',
+  callbackUri: 'http://localhost:3000/login/apple/callback'
+})
+
+fastify.get('/login/apple/callback', function (request, reply) {
+  this.appleOAuth2.getAccessTokenFromAuthorizationCodeFlow(
+    request,
+    (err, result) => {
+      if (err) {
+        reply.send(err)
+        return
+      }
+
+      appleSignin.verifyIdToken(
+        result.id_token,
+        CLIENT_ID
+      )
+        .then(payload => {
+          // Find all the available fields (like email) in
+          // https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/authenticating_users_with_sign_in_with_apple
+          const userAppleId = payload.sub
+
+          reply.send(userAppleId)
+        })
+        .catch(err => {
+          // Token is not verified
+          reply.send(err)
+        })
+    }
+  )
+})
+
+fastify.listen(3000)
diff --git a/index.d.ts b/index.d.ts
@@ -7,6 +7,7 @@ declare function fastifyOauth2 (
 ): void;
 
 declare namespace fastifyOauth2 {
+  const APPLE_CONFIGURATION: ProviderConfiguration;
   const FACEBOOK_CONFIGURATION: ProviderConfiguration;
   const GITHUB_CONFIGURATION: ProviderConfiguration;
   const LINKEDIN_CONFIGURATION: ProviderConfiguration;
diff --git a/index.js b/index.js
@@ -137,6 +137,13 @@ const oauthPlugin = fp(function (fastify, options, next) {
   name: 'fastify-oauth2'
 })
 
+oauthPlugin.APPLE_CONFIGURATION = {
+  authorizeHost: 'https://appleid.apple.com',
+  authorizePath: '/auth/authorize',
+  tokenHost: 'https://appleid.apple.com',
+  tokenPath: '/auth/token'
+}
+
 oauthPlugin.FACEBOOK_CONFIGURATION = {
   authorizeHost: 'https://facebook.com',
   authorizePath: '/v6.0/dialog/oauth',
