User Profile

Posts

Posts

Post not yet marked as solved
8 Replies
Replied In Sign in with Apple Server to Server Notification Documentation
I have this working on a test server now. See my notes here: https://stackoverflow.com/questions/58178187/apple-sign-in-how-to-use-it-for-custom-server-endpoint-authentication/62604213#62604213 It would still be nice to have some Apple docs reflecting this. Feels like I'm kinda operating in the blind.
Post not yet marked as solved
3 Replies
Replied In Access Live Photo from Share (or Action) extension
I'm assuming this is still life-as-we-know it-- that accessing live photos from sharing extensions doesn't work? See also https://stackoverflow.com/questions/65470983/getting-a-live-image-phlivephoto-when-in-a-sharing-extension-using-the-photos
Post marked as solved
2 Replies
Replied In How to register my URL for server to server notification?
Thanks, @randomguy. What about the the details of how that endpoint operates? E.g., is it a POST or a GET? Parameters?
Post not yet marked as solved
8 Replies
Replied In Sign in with Apple Server to Server Notification Documentation
Just adding my agreement -- please provide documentation for server-to-server notifications. Thank you.
Post not yet marked as solved
9 Replies
Replied In Sign in with apple - Multiple public keys returned
I'm using SwiftJWT https://github.com/IBM-Swift/Swift-JWT.git and it provides a method:         let jwtDecoder = JWTDecoder(keyIDToVerifier: getVerifier) which you pass a kid and it returns a verifier.     private func getVerifier(using kid: String) -> JWTVerifier?  {         guard let publicKeyPEM = toPEM(kid: kid) else {             return nil         }         guard let publicKeyData = publicKeyPEM.data(using: .utf8) else {             return nil         }         return JWTVerifier.rs256(publicKey: publicKeyData)     } toPEM(kid: kid) is just my method to lookup a key given a specific kid string.
Post not yet marked as solved
2 Replies
Replied In Apple Sign-In: How to use it for custom server endpoint authentication?
A few more details-- this problem seems difficult because:1) The id tokens I get on iOS when the user signs in with Apple Sign In have a relatively short expiry duration (seems like 10 minutes).2) Apple throttles the frequency with which you can use the refresh token (e.g., server-side) to generate an id token to once per 24 hours (https://developer.apple.com/documentation/signinwithapplerestapi/verifying_a_user).3) We apparently cannot automatically get a refreshed id token client side on iOS (see https://forums.developer.apple.com/thread/117867).Update on 10/5/19-- Upon actual use of https://developer.apple.com/documentation/signinwithapplerestapi/generate_and_validate_tokens for refresh token validation, I find that it is not actually generating an updated id token. It is generating an access token-- but Apple doesn't define a use for that, and is validating the refresh token.Update on 10/10/19-- A blog article on these issues https://medium.com/@crspybits/apple-sign-in-custom-servers-and-an-expiry-conundrum-d1ad63223870
Post not yet marked as solved
5 Replies
Replied In Sign In with Apple - error "AUTH_ALERT_SIGN_UP_NOT_COMPLETED"
OK-- just found this:https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple