Implementation of the Sign in with Apple service in Ruby on Rails. This implementation is convenient for Ruby on Rails APIs as it does not use views.
- Verify the user's identity token with apple servers to confirm that the token is not expired and ensure it has not been tampered with or replayed to the app.
- Log in the user, register the user or connect the user's apple account to the user's existing account.
- code: Apple's authorizationCode after sign in. Example: c49a75458b1e74b9f8e866f5a93b1689a.0.nrtuy. ...
- id_token: Apple's identityToken after sign in. Example: eyJraWQiOiJBSURPUEsxIiwiYWxnIjoiUlMyNT ...
The following block:
begin
token_response = @client.access_token!
rescue AppleID::Client::Error => e
# variable "e" contains the error message from apple.
return unauthorized
end
Rescues from an ErrorResponse received from Apple, due to an invalid value in the code parameter.
This error can occur when the :code parameter is invalid, because of a change in the Sign in with Apple’s configurations (identifier, private key, team, key id, redirect URI, etc) or a mismatch between the backend's configuration that makes the request to apple servers (this implementation) and the configuration used in the frontend to show the Sign in page.