Merge pull request #1146 from omnivore-app/feature/android-apple-login-redirect

Android Apple Login Endpoint
Satindar Dhillon
2022-08-28 21:17:32 -07:00
committed by GitHub
2 changed files with 20 additions and 5 deletions


@ -41,8 +41,7 @@ async function fetchApplePublicKey(kid: string): Promise<string | null> {
}
export async function decodeAppleToken(
token: string,
isWeb?: boolean
token: string
): Promise<DecodeTokenResult> {
const decodedToken = jwt.decode(token, { complete: true })
const { kid, alg } = (decodedToken as any).header
@ -54,8 +53,8 @@ export async function decodeAppleToken(
}
const jwtClaims: any = jwt.verify(token, publicKey, { algorithms: [alg] })
const issVerified = (jwtClaims.iss ?? '') === appleBaseURL
const audVerified =
(jwtClaims.aud ?? '') === isWeb ? webAudienceName : audienceName
const audience = jwtClaims.aud ?? ''
const audVerified = audience == webAudienceName || audience === audienceName
if (issVerified && audVerified && jwtClaims.email) {
return {
email: jwtClaims.email,
@ -106,7 +105,7 @@ export async function handleAppleWebAuth(
return env.client.url
}
const decodedTokenResult = await decodeAppleToken(idToken, true)
const decodedTokenResult = await decodeAppleToken(idToken)
const authFailedRedirect = `${baseURL()}/login?errorCodes=${
LoginErrorCode.AuthFailed
}`
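Review bot: The new `audVerified` check accepts a token minted for either client id on every call path now that `isWeb` is gone, so the web and native flows no longer bind a token to the audience it was issued for; if that is intended, record it above the check, e.g. `// Accept both the web service id and the native app id: callers no longer say which flow issued the token`. The comparison also mixes `==` and `===`; write it as `audience === webAudienceName || audience === audienceName`. Separately, the context line `jwt.verify(token, publicKey, { algorithms: [alg] })` takes its allow-list from the unverified token header, which lets the token choose how it is verified; Apple identity tokens are RS256-signed, so pinning `algorithms: ['RS256']` would be safer. The body of decodeAppleToken continues outside these hunks.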


@ -11,6 +11,9 @@ import {
createMobileEmailSignUpResponse,
} from './sign_up'
import { createMobileAccountCreationResponse } from './account_creation'
import { env } from '../../../env'
import { corsConfig } from '../../../utils/corsConfig'
import cors from 'cors'
export function mobileAuthRouter() {
const router = express.Router()
@ -60,5 +63,18 @@ export function mobileAuthRouter() {
res.status(payload.statusCode).json(payload.json)
})
// Required since this will be called from Android WebView
router.options(
'/android-apple-redirect',
cors<express.Request>({ ...corsConfig, maxAge: 600 })
)
router.post('/android-apple-redirect', (req, res) => {
const { id_token } = req.body
return res.redirect(
`${env.client.url}/android-apple-token?token=${id_token as string}`
)
})
return router
}
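Review bot: The `/android-apple-redirect` handler interpolates `req.body.id_token` into the redirect URL without checking that it is a string or encoding it, so a missing field redirects with `token=undefined` and a crafted value can append extra query parameters or a fragment to the client URL. Reject anything that is not a non-empty string, `if (typeof id_token !== 'string' || id_token.length === 0) return res.sendStatus(400)`, and interpolate `encodeURIComponent(id_token)` instead of the `as string` cast. Carrying the identity token in a query string also exposes it to browser history, access logs and Referer headers; if the client page can read it another way (for example from the URL fragment), that would leak less. The CORS middleware is attached only to the OPTIONS route, so the POST response itself carries no CORS headers; that is fine for a form-post navigation but worth confirming against how the WebView actually calls it.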