2.0.3 • Published 1 month ago

@zeroparticle/nestjs-passport-apple v2.0.3

Weekly downloads
-
License
MIT
Repository
github
Last release
1 month ago

NestJS Passport Apple Strategy

This strategy integrates Apple login capabilities with NestJS's AuthGuard using Passport.

Forked from @arendajaelu/nestjs-passport-apple

Features

  • Utilizes Apple's OAuth2.0 for user authentication
  • Uses NestJS's AuthGuard for easy integration
  • Provides strongly-typed Profile object

Installation

npm install @zeroparticle/nestjs-passport-apple

Usage

Strategy Setup

Here's a full example detailing all available options:

import { Injectable } from '@nestjs/common';
import { AuthGuard, PassportStrategy } from '@nestjs/passport';
import { Strategy, Profile } from '@zeroparticle/nestjs-passport-apple';

const APPLE_STRATEGY_NAME = 'apple';

@Injectable()
export class AppleStrategy extends PassportStrategy(Strategy, APPLE_STRATEGY_NAME) {
  constructor() {
    super({
      clientID: process.env.APPLE_OAUTH_CLIENT_ID,
      teamID: process.env.APPLE_TEAMID,
      keyID: process.env.APPLE_KEYID,
      key: process.env.APPLE_KEY_CONTENTS,
      // OR
      keyFilePath: process.env.APPLE_KEYFILE_PATH,
      callbackURL: process.env.APPLE_OAUTH_CALLBACK_URL
      scope: ['email', 'name'],
      passReqToCallback: false,
    });
  }

  async validate(_accessToken: string, _refreshToken: string, profile: Profile) {
    return {
      emailAddress: profile.email,
      firstName: profile.name?.firstName || '',
      lastName: profile.name?.lastName || '',
    };
  }
}

@Injectable()
export class AppleOAuthGuard extends AuthGuard(APPLE_STRATEGY_NAME) {}

Note: Make sure to add AppleStrategy to the providers array in your module.

Using Guard in Controller

import { Controller, Get, Post, Req, UseGuards } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger';
import { AppleOAuthGuard } from './strategies/apple.strategy';

@ApiTags('oauth')
@Controller('oauth')
export class OAuthController {
  @Get('apple')
  @UseGuards(AppleOAuthGuard)
  async appleLogin() {}

  @Post('apple/callback')
  @UseGuards(AppleOAuthGuard)
  async appleCallback(@Req() req) {
    return req.user;
  }
}

Strategy Options

  • clientID: Apple OAuth2.0 Client ID
  • teamID: Apple Developer Team ID
  • keyID: Apple Key ID
  • key: Contents of the Apple Key. If you want the library to load the contents, use keyFilePath instead.
  • keyFilePath: File path to Apple Key; library will load content using fs.readFileSync
  • authorizationURL: (Optional) Authorization URL; default is https://appleid.apple.com/auth/authorize
  • tokenURL: (Optional) Token URL; default is https://appleid.apple.com/auth/token
  • scope: (Optional) An array of scopes, e.g., ['email', 'name']
  • sessionKey: (Optional) Session Key
  • state: (Optional) Should state parameter be used
  • passReqToCallback: (Optional) Should request be passed to the validate callback; default is false
  • callbackURL: (Optional) Callback URL

Validate Callback

The validate callback is called after successful authentication and contains the accessToken, refreshToken, and profile.

License

Licensed under MIT.

passportauthauthnauthenticationauthzauthorizationappleappleid
jsonwebtokenjwks-rsaoauthpassport-strategyuid2
2.0.3

1 month ago