feat: support apple sign in

Author: russellwheatley

FirebaseSwiftUI/FirebaseAppleSwiftUI/Sources/Services/AccountService+Apple.swift

@@ -20,7 +20,6 @@ extension AppleOperationReauthentication {
     }
 
     do {
-      // TODO: Implement Apple reauthentication
       let credential = try await appleProvider.createAuthCredential()
       try await user.reauthenticate(with: credential)
 
@@ -40,7 +39,6 @@ class AppleDeleteUserOperation: AuthenticatedOperation,
   }
 
   func callAsFunction(on user: User) async throws {
-    // TODO: Implement delete user operation
     try await callAsFunction(on: user) {
       try await user.delete()
     }

FirebaseSwiftUI/FirebaseAppleSwiftUI/Sources/Services/AppleProviderAuthUI.swift

@@ -12,11 +12,103 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+import AuthenticationServices
+import CryptoKit
 import FirebaseAuth
 import FirebaseAuthSwiftUI
 import FirebaseCore
 import SwiftUI
 
+// MARK: - Data Extensions
+
+extension Data {
+  var utf8String: String? {
+    return String(data: self, encoding: .utf8)
+  }
+}
+
+extension ASAuthorizationAppleIDCredential {
+  var authorizationCodeString: String? {
+    return authorizationCode?.utf8String
+  }
+
+  var idTokenString: String? {
+    return identityToken?.utf8String
+  }
+}
+
+// MARK: - Authenticate With Apple Dialog
+
+private func authenticateWithApple() async throws -> (ASAuthorizationAppleIDCredential, String) {
+  return try await AuthenticateWithAppleDialog().authenticate()
+}
+
+private class AuthenticateWithAppleDialog: NSObject {
+  private var continuation: CheckedContinuation<(ASAuthorizationAppleIDCredential, String), Error>?
+  private var currentNonce: String?
+
+  func authenticate() async throws -> (ASAuthorizationAppleIDCredential, String) {
+    return try await withCheckedThrowingContinuation { continuation in
+      self.continuation = continuation
+
+      let appleIDProvider = ASAuthorizationAppleIDProvider()
+      let request = appleIDProvider.createRequest()
+      request.requestedScopes = [.fullName, .email]
+
+      do {
+        let nonce = try CryptoUtils.randomNonceString()
+        currentNonce = nonce
+        request.nonce = CryptoUtils.sha256(nonce)
+      } catch {
+        continuation.resume(throwing: AuthServiceError.signInFailed(underlying: error))
+        return
+      }
+
+      let authorizationController = ASAuthorizationController(authorizationRequests: [request])
+      authorizationController.delegate = self
+      authorizationController.performRequests()
+    }
+  }
+}
+
+extension AuthenticateWithAppleDialog: ASAuthorizationControllerDelegate {
+  func authorizationController(
+    controller: ASAuthorizationController,
+    didCompleteWithAuthorization authorization: ASAuthorization
+  ) {
+    if let appleIDCredential = authorization.credential as? ASAuthorizationAppleIDCredential {
+      if let nonce = currentNonce {
+        continuation?.resume(returning: (appleIDCredential, nonce))
+      } else {
+        continuation?.resume(
+          throwing: AuthServiceError.signInFailed(
+            underlying: NSError(
+              domain: "AppleSignIn",
+              code: -1,
+              userInfo: [NSLocalizedDescriptionKey: "Missing nonce"]
+            )
+          )
+        )
+      }
+    } else {
+      continuation?.resume(
+        throwing: AuthServiceError.invalidCredentials("Missing Apple ID credential")
+      )
+    }
+    continuation = nil
+  }
+
+  func authorizationController(
+    controller: ASAuthorizationController,
+    didCompleteWithError error: Error
+  ) {
+    continuation?.resume(throwing: AuthServiceError.signInFailed(underlying: error))
+    continuation = nil
+  }
+}
+
+// MARK: - Apple Provider Swift
+
 public class AppleProviderSwift: AuthProviderSwift, DeleteUserSwift {
   public let scopes: [String]
   let providerId = "apple.com"
@@ -26,27 +118,22 @@ public class AppleProviderSwift: AuthProviderSwift, DeleteUserSwift {
   }
 
   @MainActor public func createAuthCredential() async throws -> AuthCredential {
-    // TODO: Implement Apple Sign In credential creation
-    // This will need to use ASAuthorizationAppleIDProvider
-    let provider = OAuthProvider(providerID: providerId)
-    return try await withCheckedThrowingContinuation { continuation in
-      provider.getCredentialWith(nil) { credential, error in
-        if let error {
-          continuation
-            .resume(throwing: AuthServiceError.signInFailed(underlying: error))
-        } else if let credential {
-          continuation.resume(returning: credential)
-        } else {
-          continuation
-            .resume(throwing: AuthServiceError
-              .invalidCredentials("Apple did not provide a valid AuthCredential"))
-        }
-      }
+    let (appleIDCredential, nonce) = try await authenticateWithApple()
+
+    guard let idTokenString = appleIDCredential.idTokenString else {
+      throw AuthServiceError.invalidCredentials("Unable to fetch identity token from Apple")
     }
+
+    let credential = OAuthProvider.appleCredential(
+      withIDToken: idTokenString,
+      rawNonce: nonce,
+      fullName: appleIDCredential.fullName
+    )
+
+    return credential
   }
 
   public func deleteUser(user: User) async throws {
-    // TODO: Implement delete user functionality
     let operation = AppleDeleteUserOperation(appleProvider: self)
     try await operation(on: user)
   }

FirebaseSwiftUI/FirebaseAppleSwiftUI/Sources/Services/AuthService+Apple.swift

@@ -24,7 +24,6 @@ import FirebaseAuthSwiftUI
 public extension AuthService {
   @discardableResult
   func withAppleSignIn(_ provider: AppleProviderSwift? = nil) -> AuthService {
-    // TODO: Register Apple provider with authentication service
     registerProvider(providerWithButton: AppleProviderAuthUI(provider: provider ??
         AppleProviderSwift()))
     return self

FirebaseSwiftUI/FirebaseAppleSwiftUI/Sources/Services/CryptoUtils.swift

@@ -0,0 +1,53 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import Foundation
+import CryptoKit
+
+/// Set of utility APIs for generating cryptographical artifacts.
+enum CryptoUtils {
+  enum NonceGenerationError: Error {
+    case generationFailure(status: OSStatus)
+  }
+
+  static func randomNonceString(length: Int = 32) throws -> String {
+    precondition(length > 0)
+    var randomBytes = [UInt8](repeating: 0, count: length)
+    let errorCode = SecRandomCopyBytes(kSecRandomDefault, randomBytes.count, &randomBytes)
+    if errorCode != errSecSuccess {
+      throw NonceGenerationError.generationFailure(status: errorCode)
+    }
+
+    let charset: [Character] =
+      Array("0123456789ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvwxyz-._")
+
+    let nonce = randomBytes.map { byte in
+      // Pick a random character from the set, wrapping around if needed.
+      charset[Int(byte) % charset.count]
+    }
+
+    return String(nonce)
+  }
+
+  static func sha256(_ input: String) -> String {
+    let inputData = Data(input.utf8)
+    let hashedData = SHA256.hash(data: inputData)
+    let hashString = hashedData.compactMap {
+      String(format: "%02x", $0)
+    }.joined()
+
+    return hashString
+  }
+}
+

FirebaseSwiftUI/FirebaseAppleSwiftUI/Sources/Views/SignInWithAppleButton.swift

@@ -28,13 +28,11 @@ public struct SignInWithAppleButton {
 extension SignInWithAppleButton: View {
   public var body: some View {
     Button(action: {
-      // TODO: Implement sign in with Apple action
       Task {
         try await authService.signIn(provider)
       }
     }) {
       HStack {
-        // TODO: Add Apple logo image
         Image(systemName: "apple.logo")
           .resizable()
           .renderingMode(.template)