Merge pull request #582 from stytchauth/authenticate-with-apple-only

nidal-stytch · web-flow · commit 159215ee5362 · 2025-11-13T13:11:10.000-05:00
Add authenticateWithApple to apple oauth
diff --git a/Sources/StytchCore/Generated/StytchClient.OAuth.Apple.authenticateWithApple+AsyncVariants.generated.swift b/Sources/StytchCore/Generated/StytchClient.OAuth.Apple.authenticateWithApple+AsyncVariants.generated.swift
@@ -0,0 +1,35 @@
+// Generated using Sourcery 2.0.2 — https://github.com/krzysztofzablocki/Sourcery
+// DO NOT EDIT
+import Combine
+import Foundation
+
+public extension StytchClient.OAuth.Apple {
+    /// This function is intended for rare cases where you must authenticate with Apple only and collect the JWT.
+    /// This function will not create a Stytch user.
+    func authenticateWithApple(completion: @escaping Completion<String>) {
+        Task {
+            do {
+                completion(.success(try await authenticateWithApple()))
+            } catch {
+                completion(.failure(error))
+            }
+        }
+    }
+
+    /// This function is intended for rare cases where you must authenticate with Apple only and collect the JWT.
+    /// This function will not create a Stytch user.
+    func authenticateWithApple() -> AnyPublisher<String, Error> {
+        return Deferred {
+            Future({ promise in
+                Task {
+                    do {
+                        promise(.success(try await authenticateWithApple()))
+                    } catch {
+                        promise(.failure(error))
+                    }
+                }
+            })
+        }
+        .eraseToAnyPublisher()
+    }
+}
diff --git a/Sources/StytchCore/StytchClient/OAuth/OAuth+Apple.swift b/Sources/StytchCore/StytchClient/OAuth/OAuth+Apple.swift
@@ -59,6 +59,21 @@ public extension StytchClient.OAuth {
 
             return authenticateResponse
         }
+
+        // sourcery: AsyncVariants, (NOTE: - must use /// doc comment styling)
+        /// This function is intended for rare cases where you must authenticate with Apple only and collect the JWT.
+        /// This function will not create a Stytch user.
+        public func authenticateWithApple() async throws -> String {
+            let rawNonce = try cryptoClient.dataWithRandomBytesOfCount(32).toHexString()
+
+            let authenticateResult = try await appleOAuthClient.authenticate(
+                configureController: { _ in },
+                nonce: cryptoClient.sha256(Data(rawNonce.utf8)).base64EncodedString()
+            )
+
+            // the idToken is the JWT
+            return authenticateResult.idToken
+        }
     }
 }
 
