Skip to content

Instantly share code, notes, and snippets.

Last active January 26, 2023 04:24
  • Star 10 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save nov/993a303aa6badd8447f7b96fb952088e to your computer and use it in GitHub Desktop.
require 'apple_id'
# NOTE: in debugging mode, you can see all HTTPS request & response in the log.
# AppleID.debug!
pem = <<-PEM
private_key = pem
client =
identifier: '<YOUR-CLIENT-ID>',
team_id: '<YOUR-TEAM-ID>',
key_id: '<YOUR-KEY-ID>',
private_key: private_key,
redirect_uri: '<YOUR-REDIRECT-URI>'
authorization_uri = client.authorization_uri(scope: [:email, :name])
puts authorization_uri
`open "#{authorization_uri}"`
print 'code: ' and STDOUT.flush
code = gets.chop
client.authorization_code = code
response = client.access_token!
client: client,
access_token: response.access_token,
# When verifying signature, one http request to Apple's JWKs are required.
# You can skip ID Token signature verification when you got the token directly from the token endpoint in TLS channel.
verify_signature: false
puts response.id_token.sub # => OpenID Connect Subject Identifier (= Apple User ID)
puts response.id_token.original_jwt.pretty_generate
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment