Post not yet marked as solved
I'm facing an issue with some master sandbox testing cards, the DPAN value displayed on the “Wallet
& Apple Pay Setting” different from the value we got after decrypting the payment token. check the below sample values:
FPAN: 5204 2477 5000 1497
DPAN on device setting: **********5057
Decrypted DPAN: 520424****5996
The DPAN and the decrypted DPAN should be the same.
Post not yet marked as solved
Hello,
I need to use a apple sign in in ios application, i get my authorization code from hybryde apllication :
let options: SignInWithAppleOptions = {
clientId: ConstConfig.APPLE_CLIENT_ID,
redirectURI: ConstConfig.APPLE_REDIRECT_URI,
scopes: ConstConfig.APPLE_SCOPES,
state: ConstConfig.APPLE_STATE,
nonce: ConstConfig.APPLE_NONCE
};
SignInWithApple.authorize(options)
.then((result: SignInWithAppleResponse) => {
this.authenticate.appleAuthorizationCode = result.response.authorizationCode;
this.authenticate.appleUser = result.response.user;
this.authenticate.appleIdentityToken = result.response.identityToken;
i send this 3 value to my backend JAVA to validate the accessToken and get the refrsh token, validate java Method :
logger.info("Apple authorization validation");
// get the subject received from the client
String clientSubject = getSubject(identityToken);
// verifying the code by the apple server
String token = getToken();
logger.debug("Authorize with token:" + token);
Map<String, String> params = new HashMap<>();
params.put("client_id", APPLE_CLIENT_ID);
params.put("client_secret", token);
params.put("code", authorisationCode);
params.put("grant_type", "authorization_code");
params.put("redirect_uri", "");
if (redirectURI != null) {
}
String response = post(APPLE_AUTH_URL, params);
logger.info("Apple authorization response:" + response);
AppleTokenResponse tokenResponse = objectMapper.readValue(response, AppleTokenResponse.class);
if (tokenResponse.getError() != null && tokenResponse.getError().length() > 0) {
logger.warn("Error during verification of the code. Reason:" + tokenResponse.getError());
return null;
}
String serverSubject = getSubject(tokenResponse.getId_token());
if (!serverSubject.equals(clientSubject)) {
logger.warn("Validation failed, subject does not match!");
return null;
}
return getClaims(tokenResponse.getId_token());
the JWT TOken :
return Jwts.builder()
.setHeaderParam(JwsHeader.KEY_ID, APPLE_KEY_ID)
.setHeaderParam(JwsHeader.ALGORITHM,"ES256")
.setIssuer(APPLE_TEAM_ID)
.setAudience(APPLE_APPLE_ID_URL)
.setSubject(APPLE_CLIENT_ID)
.setExpiration(new Date(System.currentTimeMillis() + (1000 * 60 * 5)))
.setIssuedAt(new Date(System.currentTimeMillis()))
.signWith(SignatureAlgorithm.ES256, pKey)
.compact();
how i get my private key :
File file = new File(APPLE_CERTIFICATE_PATH);
try {
PEMParser pemParser = new PEMParser(new FileReader(file));
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
PrivateKeyInfo object = (PrivateKeyInfo) pemParser.readObject();
APPLE_PRIVATE_KEY = converter.getPrivateKey(object);
logger.info("load apple private keys Ok.");
} catch (Exception ex) {
logger.error("error on generate apple sign in private Key : ", ex);
}
thr response still return : {"error":"invalid_grant","error_description":"client_id mismatch. The code was not issued to bundleID"}, i don't know the reason.
i read that i nedd to check in testFlit, ido but i still get the same error, i also put the same redirect_url in front and back (for me that not needed because i dont use u web sign in ) but i still get the same error.
for my bundle id i use the APP Identifier not the service Identifier in front and back. its correct ?
thank for your help.
Post not yet marked as solved
I have the below code block to call the token endpoint. The endpoint succeeds from Postman with JSON response but from my web application, it fails with CORS error. What could be the reason for this behavior?
const axios = require('axios');
const qs = require('qs');
let data = qs.stringify({
'grant_type': 'authorization_code',
'code': 'xxxxxxyyyyybbb,
'redirect_uri': 'https:myApp/login',
'client_id': 'com.myclient_id',
'client_secret': 'myworkingsecret'
});
let config = {
method: 'post',
maxBodyLength: Infinity,
url: 'https://appleid.apple.com/auth/token',
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
},
data : data
};
axios.request(config)
.then((response) => {
console.log(JSON.stringify(response.data));
})
.catch((error) => {
console.log(error);
});
Post not yet marked as solved
We are implementing a web app with Angular as frontend and java springboot as backend. while trying to use signin with Appleid in our application login page, we are getting Invalid_Client.
please find the attached log and image of error.
log.txt
Post not yet marked as solved
This appleid.cdn-apple.com page can’t be foundNo web page was found for the web address: https://appleid.cdn-apple.com/appleid/button/logo?size=44&color=black&border=false&border_radius=50&scale=2
HTTP ERROR 404
Post not yet marked as solved
Null Display Name Issue with AppleAuth Provider on Firebase using react native
Dear Apple App Review Team,
I have been diligently working on my app, which heavily relies on Firebase for authentication purposes. Specifically, I am utilizing the AppleAuth provider to offer seamless authentication options to my users. However, during the review process, it came to my attention that the display name from the AppleAuth provider is being returned as null.
This issue is concerning, as it directly affects the user experience and functionality of my app. It prevents users from being able to see their display name correctly, which can lead to confusion and frustration. Moreover, it undermines the trust and reliability of the app, which I have worked hard to establish.
I have thoroughly reviewed my code and integration with Firebase, and I can confirm that I have followed all the necessary guidelines and recommendations provided by Apple and Firebase documentation. The null display name issue appears to be an unexpected and unintended consequence.
To rectify this problem, I kindly request the assistance and guidance of the Apple App Review Team. I would greatly appreciate it if you could provide me with specific instructions or steps to resolve the null display name issue with the AppleAuth provider on Firebase.
I understand the importance of maintaining high-quality standards on the Apple App Store, and I am fully committed to resolving this issue promptly. I value the collaborative relationship between developers and the Apple App Review Team and believe that by working together, we can ensure the best possible experience for our users.
Thank you very much for your attention to this matter. I look forward to your prompt response and guidance on how to handle this issue effectively. Please feel free to contact me if you require any additional information or have any further