Last active
October 22, 2024 03:01
-
-
Save kylebshr/0d295fe450c9c02289a26fcf0aca5b16 to your computer and use it in GitHub Desktop.
Revisions
-
kylebshr revised this gist
Dec 11, 2019 . 1 changed file with 0 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -7,7 +7,6 @@ */ import Vapor import JWT struct AppleJWT: JWTPayload { -
Dec 10, 2019 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ /* Once you've signed in with Apple in your iOS app, turn the `identityToken` into a string with something like `String(data: identityToken, encoding: .utf8)`. Then use that string in the Authorization header: `urlRequest.addValue("Bearer \(identityString)", forHTTPHeaderField: "Authorization")` */ -
Dec 10, 2019 . 1 changed file with 3 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,8 +1,8 @@ /* Once you've signed in with Apple in your iOS app, turn the `identityToken` into a string with something like `String(data: identityToken, encoding: .utf8))`. Then use that string in the Authorization header: `urlRequest.addValue("Bearer \(identityString)", forHTTPHeaderField: "Authorization")` */ -
Dec 10, 2019 . 1 changed file with 8 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,3 +1,11 @@ /* Once you've signed in with Apple in your iOS app, turn the `identityToken` into a string with something like `String(data: identityToken, encoding: .utf8))`. Then use that string in the Authorization header: `urlRequest.addValue("Bearer \(identityString)", forHTTPHeaderField: "Authorization")` */ import Vapor import HTTP import JWT -
Dec 10, 2019 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,38 @@ import Vapor import HTTP import JWT struct AppleJWT: JWTPayload { let iss: IssuerClaim let aud: AudienceClaim let exp: ExpirationClaim let iat: IssuedAtClaim let sub: SubjectClaim let c_hash: String let email: String let email_verified: String let auth_time: Date func verify(using signer: JWTSigner) throws { try exp.verifyNotExpired() } } struct User: Content { var email: String } final class AuthenticationController { func verifyAppleJWT(_ req: Request) throws -> Future<User> { guard let bearer = req.http.headers.bearerAuthorization else { throw Abort(.unauthorized) } return try req.client().get("https://appleid.apple.com/auth/keys").flatMap { response in return try response.content.decode(JWKS.self).map { jwks in let jwt = try JWT<AppleJWT>(from: bearer.token, verifiedUsing: JWTSigners(jwks: jwks)) return User(email: jwt.payload.email) } } } }