Sign In With Apple - Name is not available in the ClaimsIdentity#2442
Sign In With Apple - Name is not available in the ClaimsIdentity#2442anarian wants to merge 1 commit intoopeniddict:devfrom
Conversation
|
Thanks for your PR. Not extracting the |
| // Note: Apple returns a non-standard "name" claim formatted as a JSON object. | ||
| else if (context.Registration.ProviderType is ProviderTypes.Apple) | ||
| { | ||
| var name = context.Response[Claims.Name]; |
There was a problem hiding this comment.
Hum, I don't think it does what you want: this handler exclusively deals with parameters present in the userinfo response, not the authorization response. Unless Apple has decided to fix their horrible implementation, the user node is part of the authorization response, not the userinfo response.
To work around this stupid limitation, you can use ngrok or Microsoft's Dev Tunnels.
Are you seeing any particular error message? |
|
Thanks for having a look at this. Apple is still using the non-standard node for the information, so I decided to use two custom event handlers to handle this instead. If you're interested in having a look, I'll push the changes to my remote branch and leave that solution there if anyone else encounters this error in the future. |
2 participants
Sign In With Apple provides the name as JSON object. They only provide this on the first sign up with to the app, afterwards they stop providing this unless you delete the app from your iOS settings or Apple account settings.
I wasn't able to test this using the sandbox console client, Sign In With Apple requires HTTPS return URLs, I'm not able to specify a localhost URL. I'm also having trouble building the binaries locally to run with my web application.
Similar to my last PR for Clever, I added the remapping here to handle this. I also added
"name"to theScopesconstant since this was hardcoded as a string inOverrideResponseMode, and required withOpenIddictClientWebIntegrationBuilder.Apple.AddScopesfor Apple to provide the user's name.