Signin with apple not returning id_token

Question

Created Feb ’23

Replies 1

Boosts 0

Views 1.3k

Participants 1

I am setting up Apple Login with the "passport-apple" library using NestJS. The first login returns a data object with "state," "code," and "user," but no id_token.

Subsequent logins return data objects containing only "state" and "code."

I understand that Apple does not return a user object in the subsequent login, but "code" and "state" are not unique to the user as the value returned for "state" and "code" is different at any login request. Now there is no way for me to identify the user each time the user makes a login request with Apple.

below is my strategy congiguration:

import { Inject, Injectable } from '@nestjs/common';
import { ConfigService } from '@nestjs/config';
import { PassportStrategy } from '@nestjs/passport';
import { Strategy } from 'passport-apple';

import { readFileSync } from 'fs';

@Injectable()
export class AppleStrategy extends PassportStrategy(Strategy, 'apple') {
  constructor(configService: ConfigService) {
    super({
      clientID: configService.get<string>('APPLE_CLIENT_ID'),
      teamID: configService.get<string>('APPLE_TEAM_ID'),
      keyID: configService.get<string>('APPLE_KEY_ID'),
      key: readFileSync(
        __dirname + '/../../../apple_secret/apple_secret_key.p8',
      ),
      callbackURL: configService.get<string>('APPLE_CALLBACK_URL'),
      passReqToCallback: false,
      response_type: 'code id_token',
      scope: ['name', 'email'],
    });
  }

}

Boost

Answer 1

obomheire OP

Apr ’23

I was able to resolve this by using a diffrent libeary. I use @arendajaelu/nestjs-passport-apple

$ npm install @arendajaelu&#x2F;nestjs-passport-apple

My AppleStrategy:

import { Injectable } from &#039;@nestjs&#x2F;common&#039;;
import { PassportStrategy } from &#039;@nestjs&#x2F;passport&#039;;
import { Strategy } from &#039;@arendajaelu&#x2F;nestjs-passport-apple&#039;;
import { ConfigService } from &#039;@nestjs&#x2F;config&#039;;
import { readFileSync } from &#039;fs&#039;;

@Injectable()
export class AppleStrategy extends PassportStrategy(Strategy, &#039;apple&#039;) {
  constructor(config: ConfigService) {
    super({
      clientID: config.get&lt;string>(&#039;APPLE_CLIENT_ID&#039;),
      teamID: config.get&lt;string>(&#039;APPLE_TEAM_ID&#039;),
      keyID: config.get&lt;string>(&#039;APPLE_KEY_ID&#039;),
      keyFilePath: readFileSync(
        __dirname + &#039;&#x2F;..&#x2F;..&#x2F;..&#x2F;apple_secret&#x2F;apple_secret_key.p8&#039;,
      ),
      callbackURL: config.get&lt;string>(&#039;APPLE_CALLBACK_URL&#039;),
      passReqToCallback: false,
      scope: [&#039;email&#039;, &#039;name&#039;],
    });
  }
}

Response:

{
"code": "..............................................",
"id_token": "..............................................",
"user": "{"name":{"firstName":"First_Name","lastName":"Last_Name"},"email":"Email"}"
}

NB: The user object is only returned on the first login; the subsiquent login returns code and id_token only.

0