search

dotnet / docs-maui

This repository contains documentation for .NET Multi-platform App UI (MAUI).
https://docs.microsoft.com/dotnet/maui
Creative Commons Attribution 4.0 International
222 stars 194 forks source link

Missing information on how to commence once having the Apple IdToken #2035

Open danielheddelin opened 8 months ago

danielheddelin commented 8 months ago

Type of issue

Missing information

Description

The Apple Sign In section mentions correctly that Apple does indeed not return an AccessToken and only an IdToken.

// Note that Apple Sign In has an IdToken and not an AccessToken
authToken += result?.AccessToken ?? result?.IdToken;

What is missing now is directions on where to go from here.

Apple Sign In uses the native sign in and not a web authenticator - as mentioned in the beginning of the example:

// Use Native Apple Sign In API's
result = await AppleSignInAuthenticator.AuthenticateAsync();

This means that - apart from with other providers such as Google auth - there is no redirect to a backend. The client gets the response directly and the IdToken.

Now the need to somehow obtain a JWT accesstoken remains in order to apply this as a Bearer token to all the future requests to the Api.

It's not kosher to generate a JWT client-side (something I also tried without managing to get the backend to accept the token), so I would like to know your suggestions on how to move forward with this.

Page URL

https://learn.microsoft.com/en-us/dotnet/maui/platform-integration/communication/authentication?view=net-maui-8.0&tabs=android

Content source URL

https://github.com/dotnet/docs-maui/blob/main/docs/platform-integration/communication/authentication.md

Document Version Independent Id

829bc017-4a10-6ca5-0717-e1e62f59aacc

Article author

@davidbritch

Metadata

davidbritch commented 7 months ago

Hi @danielheddelin

Agreed that some doc updates are needed here. In the meantime, this may help: https://learn.microsoft.com/en-us/xamarin/xamarin-forms/platform/sign-in-with-apple/android-ios-sign-in

danielheddelin commented 7 months ago

Great! Yes I am quite sure the old Xamarin approach would work just fine. Currently I picked Auth0 as an interim solution, awaiting the full native experience with the neat AppleSignInAuthenticator. Looking forward to these docs updates!

danielheddelin commented 7 months ago

@davidbritch To be fair, this is a lot more than just a doc-enhancement even though it might be doc-enhancement in practice. This issue contains the key for how to establish a native AppleID authorization flow entirely. Hence I believe it needs to be bumped in priority.

davidbritch commented 7 months ago

@danielheddelin Bumped. Being honest though, there's one of me and I have the work of multiple people on my shoulders so it could be a while before this happens.

danielheddelin commented 7 months ago

Full respect for that. My, perhaps naive, idea was that trying to push it towards a implementation task more than a docs task, more ppl would be involved :-) I really wouldn't mind trying to help myself but I am out of ideas. I tried the non-kosher way by after receiving the idToken, creating an accessToken on the Clientside and submitting it but I couldn't get my api to accept it. It also seems "noone else" has done this oddly enough - or at least I have spent way too much time googling trying to find answers. GPT wasn't of any assistance either. This seems a bit strange since this is the modern Maui way of getting the native AppleID experience so I thought ppl were jumping over it getting it to work. Using Auth0 as temp solution.