I am looking at implementing Apple Sign in soon and was looking for an out-of-the-box solution in the Elixir community, if there was one. But, since Apple Sign In is so new, I didn’t expect to see any libraries out there.
I however came across the Ueberauth project and was wondering if there were any plans to have Apple be one of the providers?
OpenID Connect is mostly just OAuth2 with some auto-finding and so forth. If you manually define the connections for OAuth2 then it generally works on OpenID Connect. So you could probably just take the oauth2 plugin and do that, or fork it and bake in Apple’s connections into it so it becomes fairly configurationless.
I took a look at https://github.com/pow-auth/assent. It is not clear to me how to use it. I have a native iOS app that sends the apple identity token and the authorization code (see apple-documentation) to my phoenix server. The server receives it in the onboarding_controller.ex:
defmodule MyAppWeb.V1.OnboardingController do
use MyAppWeb, :controller
def activate(conn, %{"apple_jwt" => apple_jwt, "apple_auth" => apple_auth}) do
#...
end
end
I would like to validate the identity token via my Registration-module like so:
def activate(conn, %{"apple_jwt" => apple_jwt, "apple_auth" => apple_auth}) do
case MyApp.Registration.check_apple_sign_in(apple_jwt, apple_auth) do
{:ok, apple_user_id} ->
conn |> put_status(:ok) |> put_view(MyAppWeb.ErrorView) |> render(:"200")
_ ->
conn |> put_status(400) |> put_view(MyAppWeb.ErrorView) |> render(:"400")
end
end
Is this possible with assent and how could I achieve this?
:session_params are required in Assent, but in this case it can just be an empty map as you don’t need to validate state.
Remember that the :redirect_uri in the config should match your app. If I remember correctly with Apple it just has to be nil or empty string, since there’s no redirect uri in the app: