apple-sign-in icon indicating copy to clipboard operation
apple-sign-in copied to clipboard

Published 20 hours ago verified publisher icon capacitor-community

The "state" response field is not returned by plugin

Open serebrov opened this issue 3 years ago • 0 comments

Describe the bug

The state response field should be used to validate the Apple response (it should be the same as the state we send in request options).

Request: see the ASAuthorizationAppleIDRequest and parent ASAuthorizationOpenIDRequest in apple docs:

var state: String? Data that’s returned to you unmodified in the corresponding credential after a successful authentication.

Response: ASAuthorizationAppleIDCredential docs:

var state: String? An arbitrary string that your app provides to the request that generates the credential.

To Reproduce

Steps to reproduce the behavior:

  1. Send the authentication request
  2. Dump the response with console.log
  3. Check the logged object
  4. Error: there is no state field in it.

Related code is here and the set of returned fields is:

"user": appleIDCredential.user,
"email": appleIDCredential.email,
"givenName": appleIDCredential.fullName?.givenName,
"familyName": appleIDCredential.fullName?.familyName,
"identityToken": String(data: appleIDCredential.identityToken!, encoding: .utf8),
"authorizationCode": String(data: appleIDCredential.authorizationCode!, encoding: .utf8)

Where appleIDCredential is the ASAuthorizationAppleIDCredential object that has state in it.

Expected behavior

The state is present in the response data.

The solution should be to add:

"state": appleIDCredential.state,

to the response.

serebrov avatar Jan 29 '22 14:01 serebrov