Open serebrov opened 2 years ago
Describe the bug
The state response field should be used to validate the Apple response (it should be the same as the state we send in request options).
state
Request: see the ASAuthorizationAppleIDRequest and parent ASAuthorizationOpenIDRequest in apple docs:
var state: String? Data that’s returned to you unmodified in the corresponding credential after a successful authentication.
Response: ASAuthorizationAppleIDCredential docs:
var state: String? An arbitrary string that your app provides to the request that generates the credential.
To Reproduce
Steps to reproduce the behavior:
Related code is here and the set of returned fields is:
"user": appleIDCredential.user, "email": appleIDCredential.email, "givenName": appleIDCredential.fullName?.givenName, "familyName": appleIDCredential.fullName?.familyName, "identityToken": String(data: appleIDCredential.identityToken!, encoding: .utf8), "authorizationCode": String(data: appleIDCredential.authorizationCode!, encoding: .utf8)
Where appleIDCredential is the ASAuthorizationAppleIDCredential object that has state in it.
appleIDCredential
Expected behavior
The state is present in the response data.
The solution should be to add:
"state": appleIDCredential.state,
to the response.
Describe the bug
The
stateresponse field should be used to validate the Apple response (it should be the same as thestatewe send in request options).Request: see the ASAuthorizationAppleIDRequest and parent ASAuthorizationOpenIDRequest in apple docs:
Response: ASAuthorizationAppleIDCredential docs:
To Reproduce
Steps to reproduce the behavior:
statefield in it.Related code is here and the set of returned fields is:
Where
appleIDCredentialis the ASAuthorizationAppleIDCredential object that has state in it.Expected behavior
The
stateis present in the response data.The solution should be to add:
to the response.