search

dotnet / docs-maui

This repository contains documentation for .NET Multi-platform App UI (MAUI).
https://docs.microsoft.com/dotnet/maui
Creative Commons Attribution 4.0 International
230 stars 201 forks source link

Missing information on how to commence once having the Apple IdToken #2035

Open danielheddelin opened 10 months ago

danielheddelin commented 10 months ago

Type of issue

Missing information

Description

The Apple Sign In section mentions correctly that Apple does indeed not return an AccessToken and only an IdToken.

// Note that Apple Sign In has an IdToken and not an AccessToken
authToken += result?.AccessToken ?? result?.IdToken;

What is missing now is directions on where to go from here.

Apple Sign In uses the native sign in and not a web authenticator - as mentioned in the beginning of the example:

// Use Native Apple Sign In API's
result = await AppleSignInAuthenticator.AuthenticateAsync();

This means that - apart from with other providers such as Google auth - there is no redirect to a backend. The client gets the response directly and the IdToken.

Now the need to somehow obtain a JWT accesstoken remains in order to apply this as a Bearer token to all the future requests to the Api.

It's not kosher to generate a JWT client-side (something I also tried without managing to get the backend to accept the token), so I would like to know your suggestions on how to move forward with this.

Page URL

https://learn.microsoft.com/en-us/dotnet/maui/platform-integration/communication/authentication?view=net-maui-8.0&tabs=android

Content source URL

https://github.com/dotnet/docs-maui/blob/main/docs/platform-integration/communication/authentication.md

Document Version Independent Id

829bc017-4a10-6ca5-0717-e1e62f59aacc

Article author

@davidbritch

Metadata

davidbritch commented 10 months ago

Hi @danielheddelin

Agreed that some doc updates are needed here. In the meantime, this may help: https://learn.microsoft.com/en-us/xamarin/xamarin-forms/platform/sign-in-with-apple/android-ios-sign-in

danielheddelin commented 10 months ago

Great! Yes I am quite sure the old Xamarin approach would work just fine. Currently I picked Auth0 as an interim solution, awaiting the full native experience with the neat AppleSignInAuthenticator. Looking forward to these docs updates!

danielheddelin commented 9 months ago

@davidbritch To be fair, this is a lot more than just a doc-enhancement even though it might be doc-enhancement in practice. This issue contains the key for how to establish a native AppleID authorization flow entirely. Hence I believe it needs to be bumped in priority.

davidbritch commented 9 months ago

@danielheddelin Bumped. Being honest though, there's one of me and I have the work of multiple people on my shoulders so it could be a while before this happens.

danielheddelin commented 9 months ago

Full respect for that. My, perhaps naive, idea was that trying to push it towards a implementation task more than a docs task, more ppl would be involved :-) I really wouldn't mind trying to help myself but I am out of ideas. I tried the non-kosher way by after receiving the idToken, creating an accessToken on the Clientside and submitting it but I couldn't get my api to accept it. It also seems "noone else" has done this oddly enough - or at least I have spent way too much time googling trying to find answers. GPT wasn't of any assistance either. This seems a bit strange since this is the modern Maui way of getting the native AppleID experience so I thought ppl were jumping over it getting it to work. Using Auth0 as temp solution.