3.1.2 • Published 3 months ago
verify-apple-id-token v3.1.2
Verify Apple idToken
- Small utility which verifies the Apple idToken
- You can use it on the backend side
- Token verification is part of Apple sign-in process
- The flow is
- Client app (iOS or Android) will redirect user to the OAuth2 login screen
- User will login
- App will receive the tokens
- App should send the
idToken
to the backend which will verify it
- Verification steps implemented:
- Verify the JWS E256 signature using the server’s public key
- Verify the nonce for the authentication
- Verify that the iss field contains https://appleid.apple.com
- Verify that the aud field is the developer’s client_id
- Verify that the time is earlier than the exp value of the token
Installation
npm install verify-apple-id-token
Usage
Typescript
import verifyAppleToken from "verify-apple-id-token";
const jwtClaims = await verifyAppleToken({
idToken: "yourIdToken",
clientId: "yourAppleClientId", // or ["app1ClientId", "app2ClientId"]
nonce: "nonce", // optional
});
jwtClaims.email; // get email of the user
Javascript
const verifyAppleToken = require("verify-apple-id-token").default;
const jwtClaims = await verifyAppleToken({
idToken: "yourIdToken",
clientId: "yourAppleClientId", // or ["app1ClientId", "app2ClientId"]
nonce: "nonce", // optional
});
Contribution
Thank you for your interest in contributing to verify-apple-id-token
! Please see the CONTRIBUTING.md to learn how to do it!
License
3.1.2
3 months ago
3.1.1
4 months ago
3.1.0
6 months ago
3.0.1
1 year ago
3.0.0
2 years ago
2.2.0
2 years ago
2.1.0
3 years ago
2.0.6
3 years ago
2.0.5
3 years ago
2.0.4
3 years ago
2.0.3
3 years ago
2.0.2
3 years ago
2.0.2-0
3 years ago
2.0.1
3 years ago
2.0.0
3 years ago
2.0.0-rc.2
3 years ago
2.0.0-rc.1
3 years ago
2.0.0-rc.0
3 years ago
1.0.1
4 years ago
1.0.0
4 years ago
0.1.0
4 years ago