Apple native sign-in support (without Firebase)?

[doolle89]

Hi, I wonder if there are any plans for adding Apple sign-in without Firebase? The same way there is Google sign-in without Firebase, it would be useful for apps that don't use Firebase and their authentication api quotas...

[mirzemehdi]

@doolle89 Probably, no. At least not in the way that google sign-in is implemented. And the reason for that, Google Sign In provides idToken for both in android and ios, which can be used to extract displayName, profilePic and fullName.

But for Apple Sign In, only in apple it has native implementation, and for other platforms it needs to follow through web using oauth2 flow. And with that it provides authorization code, which needs to be exchanged with accessToken in the server side for a security reasons. Using client_secret you can exchange authorization code with accessToken, but it is not secure to store this value in the client side.

That's why Firebase plays a role of server side, and it does all necessary things. And as far as I know for OAuthProviders authentication there is not any quote in the Firebase, or do I miss something here?

[doolle89]

@mirzemehdi Ok, I understand, good point. You are right, I checked and it seems for OAuthProviders there is no cost as long as you don't start using Identity platform...

I still think that it would be valuable for the lib to have Apple sign-in without Firebase support for apple targets only, I know that multiplatform lib should support all platforms, but since Apple requires their own sign-in and blocks apps because of it, I can see many use cases where apps support Apple sign-in only on Apple platforms. I hope that it makes sense :)

If you figure out that it is useful and need help, I can probably contribute to it