docs-maui icon indicating copy to clipboard operation
docs-maui copied to clipboard

Published 20 hours ago verified publisher icon dotnet

Missing information on how to commence once having the Apple IdToken

Open danielheddelin opened this issue 1 year ago • 5 comments

Type of issue

Missing information

Description

The Apple Sign In section mentions correctly that Apple does indeed not return an AccessToken and only an IdToken.

// Note that Apple Sign In has an IdToken and not an AccessToken
authToken += result?.AccessToken ?? result?.IdToken;

What is missing now is directions on where to go from here.

Apple Sign In uses the native sign in and not a web authenticator - as mentioned in the beginning of the example:

// Use Native Apple Sign In API's
result = await AppleSignInAuthenticator.AuthenticateAsync();

This means that - apart from with other providers such as Google auth - there is no redirect to a backend. The client gets the response directly and the IdToken.

Now the need to somehow obtain a JWT accesstoken remains in order to apply this as a Bearer token to all the future requests to the Api.

It's not kosher to generate a JWT client-side (something I also tried without managing to get the backend to accept the token), so I would like to know your suggestions on how to move forward with this.

Page URL

https://learn.microsoft.com/en-us/dotnet/maui/platform-integration/communication/authentication?view=net-maui-8.0&tabs=android

Content source URL

https://github.com/dotnet/docs-maui/blob/main/docs/platform-integration/communication/authentication.md

Document Version Independent Id

829bc017-4a10-6ca5-0717-e1e62f59aacc

Article author

@davidbritch

Metadata

  • ID: 829bc017-4a10-6ca5-0717-e1e62f59aacc
  • Service: dotnet-mobile
  • Sub-service: dotnet-maui

danielheddelin avatar Jan 24 '24 08:01 danielheddelin

Hi @danielheddelin

Agreed that some doc updates are needed here. In the meantime, this may help: https://learn.microsoft.com/en-us/xamarin/xamarin-forms/platform/sign-in-with-apple/android-ios-sign-in

davidbritch avatar Jan 29 '24 15:01 davidbritch

Great! Yes I am quite sure the old Xamarin approach would work just fine. Currently I picked Auth0 as an interim solution, awaiting the full native experience with the neat AppleSignInAuthenticator. Looking forward to these docs updates!

danielheddelin avatar Jan 30 '24 08:01 danielheddelin

@davidbritch To be fair, this is a lot more than just a doc-enhancement even though it might be doc-enhancement in practice. This issue contains the key for how to establish a native AppleID authorization flow entirely. Hence I believe it needs to be bumped in priority.

danielheddelin avatar Feb 13 '24 09:02 danielheddelin

@danielheddelin Bumped. Being honest though, there's one of me and I have the work of multiple people on my shoulders so it could be a while before this happens.

davidbritch avatar Feb 15 '24 12:02 davidbritch

Full respect for that. My, perhaps naive, idea was that trying to push it towards a implementation task more than a docs task, more ppl would be involved :-) I really wouldn't mind trying to help myself but I am out of ideas. I tried the non-kosher way by after receiving the idToken, creating an accessToken on the Clientside and submitting it but I couldn't get my api to accept it. It also seems "noone else" has done this oddly enough - or at least I have spent way too much time googling trying to find answers. GPT wasn't of any assistance either. This seems a bit strange since this is the modern Maui way of getting the native AppleID experience so I thought ppl were jumping over it getting it to work. Using Auth0 as temp solution.

danielheddelin avatar Feb 15 '24 12:02 danielheddelin