Created
July 18, 2020 10:17
-
-
Save shibayan/79d59e7e54c2993b89d0c37075072800 to your computer and use it in GitHub Desktop.
Generate "Sign in with Apple" client_secret using .NET Core (C#)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IdentityModel.Tokens.Jwt; | |
| using System.Security.Claims; | |
| using System.Security.Cryptography; | |
| using Microsoft.IdentityModel.Tokens; | |
| namespace ConsoleApp | |
| { | |
| class Program | |
| { | |
| static void Main(string[] args) | |
| { | |
| const string aud = "https://appleid.apple.com"; | |
| const string kid = "0000000000"; // Key ID | |
| const string iss = "0000000000"; // Team ID | |
| const string sub = "ServiceId"; // Client ID (Service ID) | |
| const string privateKey = ""; // Private Key (Base64 Encode) | |
| var cngKey = CngKey.Import(Convert.FromBase64String(privateKey), CngKeyBlobFormat.Pkcs8PrivateBlob); | |
| var securityKey = new ECDsaSecurityKey(new ECDsaCng(cngKey)) | |
| { | |
| KeyId = kid | |
| }; | |
| var descriptor = new SecurityTokenDescriptor | |
| { | |
| Issuer = iss, | |
| Audience = aud, | |
| Subject = new ClaimsIdentity(new[] { new Claim("sub", sub) }), | |
| NotBefore = DateTime.UtcNow, | |
| Expires = DateTime.UtcNow.AddDays(180), | |
| SigningCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.EcdsaSha256) | |
| }; | |
| var handler = new JwtSecurityTokenHandler(); | |
| var token = handler.CreateJwtSecurityToken(descriptor); | |
| Console.WriteLine(handler.WriteToken(token)); | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This solution only for windows platform because of the "Windows CNG". I'm looking for cross platform way.