package example
import (
"context"
"fmt"
"testing"
"github.com/Timothylock/go-signin-with-apple/apple"
)
/*
This example shows you how to validate an iOS app token for the first time
*/
func TestValidatingAppTokenAndObtainingID(t *testing.T) {
	// Example flow: build a client secret from the developer key, exchange an
	// authorization code with Apple, then read the user ID and email claims out
	// of the returned ID token. Every failure is only printed before returning,
	// so with the placeholder values below the test still reports success.
	const (
		// Your 10-character Team ID.
		teamID = "XXXXXXXXXX"
		// The "Services ID" value shown for your "sign in with Apple"-enabled
		// service ID.
		// NOTE(review): for codes issued to a native app this is normally the
		// app's bundle ID; confirm which identifier your flow uses.
		clientID = "com.your.app"
		// The 10-character Key ID from the developer portal.
		keyID = "XXXXXXXXXX"
	)

	// Contents of the .p8 key downloaded from the portal. This is a placeholder:
	// a real signing key should be loaded from a secret store or the
	// environment and never committed alongside the code.
	privateKey := `-----BEGIN PRIVATE KEY-----
YOUR_SECRET_PRIVATE_KEY
-----END PRIVATE KEY-----`

	// Derive the client secret that authenticates this caller to Apple's
	// validation servers.
	clientSecret, err := apple.GenerateClientSecret(privateKey, teamID, clientID, keyID)
	if err != nil {
		fmt.Println("error generating secret: " + err.Error())
		return
	}

	// Create the validation client and describe the code to be exchanged.
	client := apple.New()
	req := apple.AppValidationTokenRequest{
		ClientID:     clientID,
		ClientSecret: clientSecret,
		Code:         "the_authorization_code_to_validate",
	}

	// Perform the verification. context.Background() carries no deadline.
	// NOTE(review): whether the client applies its own timeout is not visible
	// here; production callers may want a context with a deadline.
	var validation apple.ValidationResponse
	if err := client.VerifyAppToken(context.Background(), req, &validation); err != nil {
		fmt.Println("error verifying: " + err.Error())
		return
	}
	// A transport-level success can still carry an error reported by Apple.
	if validation.Error != "" {
		fmt.Printf("apple returned an error: %s - %s\n", validation.Error, validation.ErrorDescription)
		return
	}

	// Extract the unique user ID from the ID token.
	// NOTE(review): it is not visible here whether GetUniqueID/GetClaims verify
	// the ID token's signature. The token used below comes straight from the
	// VerifyAppToken response; confirm the helpers' behaviour before applying
	// them to a token received from any other party.
	userID, err := apple.GetUniqueID(validation.IDToken)
	if err != nil {
		fmt.Println("failed to get unique ID: " + err.Error())
		return
	}

	// Extract the email-related claims.
	claims, err := apple.GetClaims(validation.IDToken)
	if err != nil {
		fmt.Println("failed to get claims: " + err.Error())
		return
	}
	// Look up all three claims before printing anything. A real integration
	// should check email_verified before relying on the address, and key
	// accounts on the unique user ID rather than on the email.
	email := (*claims)["email"]
	emailVerified := (*claims)["email_verified"]
	isPrivateEmail := (*claims)["is_private_email"]

	// Voila! One value per line, in the order: ID, email, verified, private.
	for _, v := range []interface{}{userID, email, emailVerified, isPrivateEmail} {
		fmt.Println(v)
	}
}