Apple now requires Sign-in with Apple if using other social logins

[Seanmclem]

See here https://www.reddit.com/r/programming/comments/fg7ant/apple_now_requires_sign_in_with_apple_ios/?sort=top or here https://developer.apple.com/app-store/review/guidelines/#sign-in-with-apple

Pretty soon this great Plugin will be almost useless for iPhone apps if Apple is really going to enforce this

[mrjmorant]

I uploaded an app on friday but it got rejected:

Guideline 4.8 - Design - Sign in with Apple We noticed that your app uses a third-party login service but does not offer Sign in with Apple.

Next Steps To resolve this issue, please revise your app to offer Sign in with Apple as an equivalent login option.

[loftyduck]

Is anyone working on this? I could try for iOS but I'm not as confident with android

[mrjmorant]

@loftyduck I decided to use cordova-plugin-apple-login temporally https://stackoverflow.com/questions/59940378/sign-in-by-apple-and-firebase-x-plugin-ionic-4

[hawekotte]

If it helps I threw something together here. (This is actually a fork of a fork -- thanks @mrjmorant!)

For some reason I can't get the locally installed version of the repo to run smoothly (as per my issue) but my second comment there shows my current "hacky" method I am using as a POC. Hopefully I can get @baumblatt to let me know if I am just doing something wrong locally or if there is a part of his NPM publishing process that makes this all work.

[Seanmclem]

@loftyduck I decided to use cordova-plugin-apple-login temporally https://stackoverflow.com/questions/59940378/sign-in-by-apple-and-firebase-x-plugin-ionic-4

There is a capacitor plugin now -with which you could probably use the same method from the SO answer. I'm trying it out now

[askilondz]

This needs to be addressed now or this plugin is unusable for iOS devices. As of June 30th you can no longer upload to the App Store now without Sign In With Apple if using a third party sign in.

[gabriel-imascono]

Thank you for your work in this plugin, it's been really helpful. This is the only feature missing from it.

[kevinXmichael]

@baumblatt do you consider this task to be done in the near future? Like @askilondz already said, this plugin will be useless on iOS due to Apples policy. This is really sad, as it is actually really helpful and easy to use 😞

[baumblatt]

Hello @kmschott and others,

I will be completely honest with you, since February when I left my old job, I loose access to Apple Developer Program.

Recently I had asked them a temporary access to work on it, but until now nothing happens. I can’t make this work without been apple to test during development time.

There are people working on forks and planing to make PR, but I don’t have any informations about the stage of them work.

If someone are willing to help me with temporary developer access, help configuring the store when needed and real tests on your App on your side, we can make this happens together. I think that we need just a couple of weeks to close this issue.

Interested can send me a direct email and we can start working on it.

Looking forward to hearing from anyone interested.

Best regards,
Bernardo Baumblatt.

[saricden]

Hey @baumblatt,

I've got an Apple Developer Account and have to make getting Apple Sign-In a priority (because I encountered the same issue of my app being rejected without it).

I'd be happy to help.

My email: [email protected]

All the best, Kirk M.

[baumblatt]

Hi Kirk,

Thanks for reaching out, I already have it now and working on it.

Looking forward to counting with you on tests.

Best regards, Bernardo Baumblatt.

On Mon, Sep 14, 2020 at 2:15 PM Kirk [email protected] wrote:

Hey @baumblatt https://github.com/baumblatt,

I've got an Apple Developer Account and have to make getting Apple Sign-In a priority (because I encountered the same issue of my app being rejected without it).

I'd be happy to help.

My email: [email protected]

All the best, Kirk M.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/baumblatt/capacitor-firebase-auth/issues/63#issuecomment-692194413, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADJMCV3TUFXDDE2MW65STOLSFZFTPANCNFSM4LFDLWTA .

-- Atenciosamente, Bernardo Baumblatt.

[saricden]

Beauty, I'll be around!

On Tue., Sep. 15, 2020, 8:01 a.m. Bernardo Baumblatt, < [email protected]> wrote:

Hi Kirk,

Thanks for reaching out, I already have it now and working on it.

Looking forward to counting with you on tests.

Best regards, Bernardo Baumblatt.

On Mon, Sep 14, 2020 at 2:15 PM Kirk [email protected] wrote:

Hey @baumblatt https://github.com/baumblatt,

I've got an Apple Developer Account and have to make getting Apple Sign-In a priority (because I encountered the same issue of my app being rejected without it).

I'd be happy to help.

My email: [email protected]

All the best, Kirk M.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub < https://github.com/baumblatt/capacitor-firebase-auth/issues/63#issuecomment-692194413 , or unsubscribe < https://github.com/notifications/unsubscribe-auth/ADJMCV3TUFXDDE2MW65STOLSFZFTPANCNFSM4LFDLWTA

.

-- Atenciosamente, Bernardo Baumblatt.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/baumblatt/capacitor-firebase-auth/issues/63#issuecomment-692774493, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABVOA6FWZ2ARWJ4WUJ2Q7B3SF56UNANCNFSM4LFDLWTA .

[baumblatt]

Hello,

I have news for this issue, the version 2.3.3 is out there under tag next as well as the feature on branch next.

You can take a look here.

On iOS the authentication works, perhaps I don’t receive the user display name. There is a note here about it, that could be occurred during the development process.

The Android is coded, but for awhile I was unable to test, as soon as I have news I will share here.

Looking forward to hearing from your tests.

Best regards, Bernardo Baumblatt.

[joseph-navant]

Hi @baumblatt,

Thank you for this awesome plugin!

I'm testing "Sign-in with Apple" feature but, after choose if I want to share my email or not, I'm receiving the following error: error {"code":"auth/missing-or-invalid-nonce","message":"Duplicate credential received. Please try again with a new credential."}

I noticed that this is happening with "nativeAuth": true in capacitor.config.json file.

Although I select "Share My Email" option and the above error, it creates a @privaterelay.appleid.com user in firebase.

Do you know why? What can I do?

Best regards

[baumblatt]

Hello Joseph,

Have you tried with nativeAuth: false? Maybe the Apple's nounce and/or token is like Phone, can't be used twice.

If this is true, the nativeAuth will not be supported by Apple as is not supported by Phone.

Are you sure that you need this? What are you using that requires this? If you opted to nativeAuth:true the user will be authenticated in both layers (native and web), so the authentication will occurs twice.

I will try it this weekend to confirm that.

Best regards,. Bernardo Baumblatt

[baumblatt]

Hello Joseph,

That's it, the nativeAuth is not supported for Apple provider, I received the same error after toggle the option.

{
    "code":"auth/missing-or-invalid-nonce",
    "message":"Duplicate credential received. Please try again with a new credential."
}

I will remove the code from native layer for Apple provider and update the documentation.

For awhile the turn around is use nativeAuth: false.

Best regards,
Bernardo Baumblatt

[drc-nloftsgard]

@baumblatt I've installed 2.3.3 and it's working for me on web and iOS. I don't have an Android device and testing on an emulator didn't handle the redirect back to the application after authentication, but I think that's expected?

Thanks for your work on this; much appreciated.

[baumblatt]

Hi Nate (@loftyduck ),

Thank you for sharing, have you done all those steps of Firebase docs?

Best regards,
Bernardo Baumblatt

[baumblatt]

Hello,

I have plans to release the next as latest very soon, please, if anyone has any thoughts against it, let me know here.

Although no one makes the Android version work, I want to release it because there are no breaking changes.

Best regards.

[drewzb]

I can confirm that the iOS version works.

However, the Android version does not work. It has issues with the redirect as drc-nloftsgard also reports. I tried it on an actual Android device and have followed all the guides.

[baumblatt]

Hi @drewzb ,

Thanks for sharing, is there anything I can do about reported issues?

I don't have Apple developer account to test it, so I'm willing to make video call with someone to try to solve the problem.

Anyway, I don't think this is a problem to release, it is clear that this edition will remain open.

Best regards.

[drewzb]

@baumblatt Yes I think you can release. Just note that native Apple sign in doesn't work on Android devices yet. I'll try to look into the reason it's failing this weekend if I can find some time. Thanks for putting this together.

[drewzb]

@baumblatt Just an update: didn't get a chance this weekend as I was hoping for. I hope to get to it soon.

[baumblatt]

Hi,

I just want to let you know that version 2.3.5 with Apple Sign In for iOS is tagged as latest.

This issue will continue open until we put the Android to work.

Best regards.

[aronrodrigues]

I am using "capacitor-firebase-auth": "^2.3.5",I tried to call

cfaSignInApple().subscribe(data => console.log({data}))

but I received the error " - ERROR The 'apple.com' provider was not supported"

[aronrodrigues]

It is using the web.ts version.

[balazsotakomaiya]

I am using "capacitor-firebase-auth": "^2.3.5",I tried to call

cfaSignInApple().subscribe(data => console.log({data}))

but I received the error " - ERROR The 'apple.com' provider was not supported"

You might need to sync your capacitor files to the native platforms?

Also, you need to have the following in your capacitor.config.json file

    "CapacitorFirebaseAuth": {
      "providers": [
        "apple.com"
      ],
      "nativeAuth": false,
      ...
    }

[Nakira]

Hello guys, it's been a rough week for me :-) but it works

1 - got rejected by apple because no apple sign but social logins in place :

Guideline 4.8 - Design - Sign in with Apple


Your app uses a third-party login service, but does not offer Sign in with Apple. Apps that use a third-party login service for account authentication need to offer Sign in with Apple to users as an equivalent option.

Next Steps

Please revise your app to offer Sign in with Apple as an equivalent option for account authentication.

Resources

- Get Sign in with Apple sample code.
- View Sign in with Apple design requirements.
- Learn about the benefits of Sign in with Apple.

Please see attached screenshots for details.

2 - Had multiple bugs or not working version (duplicate credential is on of them, unknown provider is another)

Here is my current implentation Using 2.4.0

I got it to work after going inside xcode, i'll try my best to recap the changes made :

capacitor.json :

{
  "appId": "****",
  "appName": "****",
  "bundledWebRuntime": false,
  "npmClient": "npm",
  "webDir": "dist/app/browser",
  "linuxAndroidStudioPath": "/opt/android-studio-4.1/android-studio/bin/studio.sh",
  "plugins": {
    "CapacitorFirebaseAuth": {
      "providers": ["google.com", "facebook.com","apple.com"],
      "languageCode": "en",
      "nativeAuth": false,
      "permissions": {
        "google": ["profile"],
        "apple":["email"]
      }
    }
  }
}

ios/App/App/App.entitlements (/!\ this one i had to manually add apple sign in to capabilities through xcode following https://developer.apple.com/documentation/xcode/adding-capabilities-to-your-app) I don't think that it's inside the documentation of baumblatt/capacitor-firebase-auth and i don't know if it can ben made through code only (as there is some cryptict reference to the file genereated by xcode in ios/App/App.xcodeproj/project.pbxproj )

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>com.apple.developer.applesignin</key>
	<array>
		<string>Default</string>
	</array>
</dict>
</plist>

/home/jeanch/www/wolf-mobile/ios/App/App/AppRelease.entitlements

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>com.apple.developer.applesignin</key>
	<array>
		<string>Default</string>
	</array>
</dict>
</plist>

page.ts

doAppleSignup(): void {
    this.firebaseAuthService.signInWithApple().subscribe(
      () => {
        this.redirectLoggedUser();
      },
      error => {
        console.log(error);
        alert(error.message);
        this.manageAuthWithProvidersErrors(error.message);
      },
    );
  }

firebaseAuthservice.ts

signInWithApple(){
    const provider = new firebase.auth.OAuthProvider('apple.com');
    
    return this.socialSignIn(provider.providerId);
  }

socialSignIn(providerName: string, scopes?: Array<string>): Observable<any> {
    if (this.platform.is('capacitor')) {
      return cfaSignIn(providerName);
    } else {
     //....
    }
  }