search

aspnet-contrib / AspNet.Security.OAuth.Providers

OAuth 2.0 social authentication providers for ASP.NET Core
Apache License 2.0
2.38k stars 539 forks source link

Support for Apple Sign-in #314

Closed leastprivilege closed 5 years ago

leastprivilege commented 5 years ago

I think it's about time that this repo also supports Apple Sign-in.

Please implement ;)

https://github.com/IdentityServer/IdentityServer4/issues/3312#issuecomment-498566609

martincostello commented 5 years ago

I wondered how long until someone asked about this... 😄

I haven't read up on the implementation details yet - is it OAuth 2.0 based?

kevinchalet commented 5 years ago

Please implement ;)

Well, you know how it works 😄

I haven't read up on the implementation details yet - is it OAuth 2.0 based?

Yeah, it's an OpenID Connect code flow with a non-standard client authentication logic, inspired by OIDC's private_key_jwt method. Oh, and there's no discovery endpoint (but there's a JWKS doc' at https://appleid.apple.com/auth/keys)

martincostello commented 5 years ago

Fun - I might take a look at the weekend and see how long it takes my eyes to bleed 😄

leastprivilege commented 5 years ago

https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple

martincostello commented 5 years ago

@leastprivilege Thanks!

blowdart commented 5 years ago

Auth0 broke down how the client ID works

https://auth0.com/blog/what-is-sign-in-with-apple-a-new-identity-provider/

martincostello commented 5 years ago

Skeleton 💀 implementation begun in #318.

dbevan-kabam commented 5 years ago

@martincostello, just trying this and I'm getting System.Exception: An error was encountered while handling the remote login. ---> System.Exception: The oauth state was missing or invalid. I also get this on your sample app https://github.com/martincostello/SignInWithAppleSample. Maybe something has changed their end or I'm doing something incorrectly?

martincostello commented 5 years ago

@dbevan-kabam I've seen some mention in others' blog posts about the scopes being set on the first request for a user causing issues (at least, I think it was the scopes), but I couldn't replicate it myself.

You could try clearing the scopes and seeing if that fixes it?

https://github.com/martincostello/SignInWithAppleSample/blob/20191322779c989c98ac1d0e50442526c52b2125/src/SignInWithApple/Apple/AppleAuthenticationOptions.cs#L31-L32

martincostello commented 5 years ago

Releases of the Apple provider are available for ASP.NET Core 2.x and ASP.NET Core 3.0 in MyGet:

zicjin commented 5 years ago

Can we get a jwt simple?

martincostello commented 5 years ago

@zicjin There’s some examples in the tests: https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers/blob/dev/test/AspNet.Security.OAuth.Providers.Tests/Apple/bundle.json#L30

martincostello commented 5 years ago

Publishing the 2.2.0 and 3.0.0 versions of this package may be delayed, as another user has uploaded a prerelease version of the package to NuGet.org so we won't have permission to publish additional versions without either a rename or them transferring ownership and/or granting co-ownership of the package.

I've reached out to the user via the "Contact owners" feature in NuGet.org.

You sent the following message via NuGet Gallery: User martin_costello sends the following message to the owners of Package 'AspNet.Security.OAuth.Apple 2.1.1-preview'.

Hi,

Would you please consider transferring the package Id to the aspnet-contrib organisation/user (or making it a co-owner) please?

We're unable to publish the final 2.2 and 3.0 versions of this package as the package Id has been claimed by you.

Regards, Martin

/cc @PinpointTownes

kevinchalet commented 5 years ago

We received a package ownership request last month for the Apple package. I just accepted it so we should be able to push new versions without hitting permission issues.

Le 12 oct. 2019 à 12:10, Martin Costello notifications@github.com a écrit :

Publishing the 2.2.0 and 3.0.0 versions of this package may be delayed, as another user has uploaded a prerelease version of the package to NuGet.org so we won't have permission to publish additional versions without either a rename or them transferring ownership and/or granting co-ownership of the package.

I've reached out to the user via the "Contact owners" feature in NuGet.org.

You sent the following message via NuGet Gallery: User martin_costello sends the following message to the owners of Package 'AspNet.Security.OAuth.Apple 2.1.1-preview'.

Hi,

Would you please consider transferring the package Id to the aspnet-contrib organisation/user (or making it a co-owner) please?

We're unable to publish the final 2.2 and 3.0 versions of this package as the package Id has been claimed by you.

Regards, Martin

/cc @PinpointTownes

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or unsubscribe.

martincostello commented 5 years ago

Packages for Sign In with Apple are now available for ASP.NET Core 2.1+ and 3.0 in NuGet.org:

suencien commented 4 years ago

Hi guys, does anyone have reference to ASP.NET Web Forms version with OpenId Connect?