User Profile

Hello, I need to use a apple sign in in ios application, i get my authorization code from hybryde apllication : let options: SignInWithAppleOptions = { clientId: ConstConfig.APPLE_CLIENT_ID, redirectURI: ConstConfig.APPLE_REDIRECT_URI, scopes: ConstConfig.APPLE_SCOPES, state: ConstConfig.APPLE_STATE, nonce: ConstConfig.APPLE_NONCE }; SignInWithApple.authorize(options) .then((result: SignInWithAppleResponse) => { this.authenticate.appleAuthorizationCode = result.response.authorizationCode; this.authenticate.appleUser = result.response.user; this.authenticate.appleIdentityToken = result.response.identityToken; i send this 3 value to my backend JAVA to validate the accessToken and get the refrsh token, validate java Method : logger.info("Apple authorization validation"); // get the subject received from the client String clientSubject = getSubject(identityToken); // verifying the code by the apple server String token = getToken(); logger.debug("Authorize with token:" + token); Map<String, String> params = new HashMap<>(); params.put("client_id", APPLE_CLIENT_ID); params.put("client_secret", token); params.put("code", authorisationCode); params.put("grant_type", "authorization_code"); params.put("redirect_uri", ""); if (redirectURI != null) { } String response = post(APPLE_AUTH_URL, params); logger.info("Apple authorization response:" + response); AppleTokenResponse tokenResponse = objectMapper.readValue(response, AppleTokenResponse.class); if (tokenResponse.getError() != null && tokenResponse.getError().length() > 0) { logger.warn("Error during verification of the code. Reason:" + tokenResponse.getError()); return null; } String serverSubject = getSubject(tokenResponse.getId_token()); if (!serverSubject.equals(clientSubject)) { logger.warn("Validation failed, subject does not match!"); return null; } return getClaims(tokenResponse.getId_token()); the JWT TOken : return Jwts.builder() .setHeaderParam(JwsHeader.KEY_ID, APPLE_KEY_ID) .setHeaderParam(JwsHeader.ALGORITHM,"ES256") .setIssuer(APPLE_TEAM_ID) .setAudience(APPLE_APPLE_ID_URL) .setSubject(APPLE_CLIENT_ID) .setExpiration(new Date(System.currentTimeMillis() + (1000 * 60 * 5))) .setIssuedAt(new Date(System.currentTimeMillis())) .signWith(SignatureAlgorithm.ES256, pKey) .compact(); how i get my private key : File file = new File(APPLE_CERTIFICATE_PATH); try { PEMParser pemParser = new PEMParser(new FileReader(file)); JcaPEMKeyConverter converter = new JcaPEMKeyConverter(); PrivateKeyInfo object = (PrivateKeyInfo) pemParser.readObject(); APPLE_PRIVATE_KEY = converter.getPrivateKey(object); logger.info("load apple private keys Ok."); } catch (Exception ex) { logger.error("error on generate apple sign in private Key : ", ex); } thr response still return : {"error":"invalid_grant","error_description":"client_id mismatch. The code was not issued to bundleID"}, i don't know the reason. i read that i nedd to check in testFlit, ido but i still get the same error, i also put the same redirect_url in front and back (for me that not needed because i dont use u web sign in ) but i still get the same error. for my bundle id i use the APP Identifier not the service Identifier in front and back. its correct ? thank for your help.