Forem: R The latest articles on Forem by R (@rrdlpl). https://forem.com/rrdlpl https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F348074%2F15a23c66-8230-4bf3-a5ff-4d82566e564f.jpeg Forem: R https://forem.com/rrdlpl en Sign in with AppleId + Angular + NestJS R Fri, 24 Jul 2020 14:05:22 +0000 https://forem.com/rrdlpl/sign-in-with-appleid-angular-nestjs-5ejp https://forem.com/rrdlpl/sign-in-with-appleid-angular-nestjs-5ejp <h2> Prerequisites </h2> <ul> <li>$99.0 USD to be <a href="https://developer.apple.com/programs/enroll/">Enrolled as Developer in Apple</a> </li> <li>You should create App ID and Service ID in your Apple Developer Account.</li> <li>Check Apple documentation related to <a href="https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js">Sign in with apple</a> feature.</li> <li>Angular project.</li> <li>NestJS project.</li> </ul> <h2> Initial setup </h2> <p>Register your app in apple. For this example, I'm using <code>https://auth.example.com</code> and <code>https://auth.example.com/auth/apple</code> for the <em>URL</em> and <em>redirectURL</em> respectively. </p> <p>Since Apple only allows HTTPS connections for the Sign-In we will require to set up a reverse proxy with a self-signed certificate to test this locally. </p> <p>To generate these certificates you could use OpenSSL. Make sure that the Common Name (eg, fully qualified hostname) is <em>auth.example.com</em></p> <p><code>openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt</code></p> <p>Create the following folder and move the certificates under it: <code>/certs/secrets/</code> and install them on your pc afterward. </p> <p>I used redbird to set up the reverse proxy.</p> <p><code>npm install --save-dev redbird</code></p> <p>Create a proxy file on your root folder. The proxy file should look like this: </p> <p><code>proxy.js</code><br> </p> <div class="highlight"><pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">proxy</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">redbird</span><span class="dl">"</span><span class="p">)({</span> <span class="na">port</span><span class="p">:</span> <span class="mi">80</span><span class="p">,</span> <span class="na">ssl</span><span class="p">:</span> <span class="p">{</span> <span class="na">http2</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">port</span><span class="p">:</span> <span class="mi">443</span><span class="p">,</span> <span class="c1">// SSL port used to serve registered https routes with LetsEncrypt certificate.</span> <span class="na">key</span><span class="p">:</span> <span class="dl">"</span><span class="s2">./certs/secrets/privateKey.key</span><span class="dl">"</span><span class="p">,</span> <span class="na">cert</span><span class="p">:</span> <span class="dl">"</span><span class="s2">./certs/secrets/certificate.crt</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="c1">// Angular apps</span> <span class="nx">proxy</span><span class="p">.</span><span class="nx">register</span><span class="p">(</span><span class="dl">"</span><span class="s2">auth.example.com</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">http://localhost:9999</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// NestJS services</span> <span class="nx">proxy</span><span class="p">.</span><span class="nx">register</span><span class="p">(</span><span class="dl">"</span><span class="s2">auth.example.com/auth</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">http://localhost:3333</span><span class="dl">"</span><span class="p">);</span> </code></pre></div> <p>Run the proxy using node: <code>node proxy.js</code></p> <p><em>Note</em>: make sure that the ports are pointing correctly for you ;)</p> <h2> The frontend </h2> <p>For the frontend project, we will install <a href="https://github.com/abacritt/angularx-social-login#readme">angularx-social-login</a>. This library is a social login and authentication module for Angular 9 / 10. Supports authentication with Google, Facebook, and Amazon. Can be extended to other providers also. </p> <p><code>npm install --save angularx-social-login</code></p> <p>If you are lazy enough as me, you could clone the project from angularx-social-login and work from that we are just going to <br> extend his library to add the provider for Apple Sign in.</p> <p><code>app.module.ts</code></p> <p>We register the module for social login.<br> </p> <div class="highlight"><pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">BrowserModule</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/platform-browser</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">NgModule</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/core</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">FormsModule</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/forms</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">HttpClientModule</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@angular/common/http</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">AppComponent</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./app.component</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">NavigationComponent</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./navigation/navigation.component</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">DemoComponent</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./demo/demo.component</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">LogoWobbleComponent</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./logo-wobble/logo-wobble.component</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">SocialLoginModule</span><span class="p">,</span> <span class="nx">GoogleLoginProvider</span><span class="p">,</span> <span class="nx">FacebookLoginProvider</span><span class="p">,</span> <span class="nx">SocialAuthServiceConfig</span><span class="p">,</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">angularx-social-login</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">AppleLoginProvider</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./providers/apple-login.provider</span><span class="dl">'</span><span class="p">;</span> <span class="p">@</span><span class="nd">NgModule</span><span class="p">({</span> <span class="na">declarations</span><span class="p">:</span> <span class="p">[</span> <span class="nx">AppComponent</span><span class="p">,</span> <span class="nx">NavigationComponent</span><span class="p">,</span> <span class="nx">DemoComponent</span><span class="p">,</span> <span class="nx">LogoWobbleComponent</span><span class="p">,</span> <span class="p">],</span> <span class="na">imports</span><span class="p">:</span> <span class="p">[</span><span class="nx">BrowserModule</span><span class="p">,</span> <span class="nx">FormsModule</span><span class="p">,</span> <span class="nx">HttpClientModule</span><span class="p">,</span> <span class="nx">SocialLoginModule</span><span class="p">],</span> <span class="na">providers</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">provide</span><span class="p">:</span> <span class="dl">'</span><span class="s1">SocialAuthServiceConfig</span><span class="dl">'</span><span class="p">,</span> <span class="na">useValue</span><span class="p">:</span> <span class="p">{</span> <span class="na">autoLogin</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">providers</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">id</span><span class="p">:</span> <span class="nx">AppleLoginProvider</span><span class="p">.</span><span class="nx">PROVIDER_ID</span><span class="p">,</span> <span class="na">provider</span><span class="p">:</span> <span class="k">new</span> <span class="nx">AppleLoginProvider</span><span class="p">(</span> <span class="dl">'</span><span class="s1">[CLIENT_ID]</span><span class="dl">'</span> <span class="p">),</span> <span class="p">},</span> <span class="p">],</span> <span class="p">}</span> <span class="k">as</span> <span class="nx">SocialAuthServiceConfig</span><span class="p">,</span> <span class="p">},</span> <span class="p">],</span> <span class="na">bootstrap</span><span class="p">:</span> <span class="p">[</span><span class="nx">AppComponent</span><span class="p">],</span> <span class="p">})</span> <span class="k">export</span> <span class="kd">class</span> <span class="nx">AppModule</span> <span class="p">{}</span> </code></pre></div> <p><code>apple.provider.ts</code></p> <p>The AppleLoginProvider will inherit from BaseLoginProvider of angularx-social-login library which has implemented a method to load the <a href="https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js">script</a> required to enable the Sign In.<br> </p> <div class="highlight"><pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">BaseLoginProvider</span><span class="p">,</span> <span class="nx">SocialUser</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">angularx-social-login</span><span class="dl">'</span><span class="p">;</span> <span class="kr">declare</span> <span class="kd">let</span> <span class="nx">AppleID</span><span class="p">:</span> <span class="kr">any</span><span class="p">;</span> <span class="k">export</span> <span class="kd">class</span> <span class="nx">AppleLoginProvider</span> <span class="kd">extends</span> <span class="nx">BaseLoginProvider</span> <span class="p">{</span> <span class="k">public</span> <span class="k">static</span> <span class="k">readonly</span> <span class="nx">PROVIDER_ID</span><span class="p">:</span> <span class="kr">string</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">APPLE</span><span class="dl">'</span><span class="p">;</span> <span class="k">protected</span> <span class="nx">auth2</span><span class="p">:</span> <span class="kr">any</span><span class="p">;</span> <span class="kd">constructor</span><span class="p">(</span> <span class="k">private</span> <span class="nx">clientId</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="k">private</span> <span class="nx">_initOptions</span><span class="p">:</span> <span class="kr">any</span> <span class="o">=</span> <span class="p">{</span> <span class="na">scope</span><span class="p">:</span> <span class="dl">'</span><span class="s1">email name</span><span class="dl">'</span> <span class="p">}</span> <span class="p">)</span> <span class="p">{</span> <span class="k">super</span><span class="p">();</span> <span class="p">}</span> <span class="k">public</span> <span class="nx">initialize</span><span class="p">():</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="k">void</span><span class="o">&gt;</span> <span class="p">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nb">Promise</span><span class="p">((</span><span class="nx">resolve</span><span class="p">,</span> <span class="nx">_reject</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">this</span><span class="p">.</span><span class="nx">loadScript</span><span class="p">(</span> <span class="nx">AppleLoginProvider</span><span class="p">.</span><span class="nx">PROVIDER_ID</span><span class="p">,</span> <span class="dl">'</span><span class="s1">https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js</span><span class="dl">'</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">AppleID</span><span class="p">.</span><span class="nx">auth</span><span class="p">.</span><span class="nx">init</span><span class="p">({</span> <span class="na">clientId</span><span class="p">:</span> <span class="k">this</span><span class="p">.</span><span class="nx">clientId</span><span class="p">,</span> <span class="na">scope</span><span class="p">:</span> <span class="dl">'</span><span class="s1">name email</span><span class="dl">'</span><span class="p">,</span> <span class="na">redirectURI</span><span class="p">:</span> <span class="dl">'</span><span class="s1">https://auth.example.com/auth/apple</span><span class="dl">'</span><span class="p">,</span> <span class="na">state</span><span class="p">:</span> <span class="dl">'</span><span class="s1">[ANYTHING]</span><span class="dl">'</span><span class="p">,</span> <span class="c1">//used to prevent CSFR</span> <span class="na">usePopup</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="p">});</span> <span class="nx">resolve</span><span class="p">();</span> <span class="p">}</span> <span class="p">);</span> <span class="p">});</span> <span class="p">}</span> <span class="k">public</span> <span class="nx">getLoginStatus</span><span class="p">():</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">SocialUser</span><span class="o">&gt;</span> <span class="p">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nb">Promise</span><span class="p">((</span><span class="nx">resolve</span><span class="p">,</span> <span class="nx">reject</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// todo: implement</span> <span class="nx">resolve</span><span class="p">();</span> <span class="p">});</span> <span class="p">}</span> <span class="k">public</span> <span class="k">async</span> <span class="nx">signIn</span><span class="p">(</span><span class="nx">signInOptions</span><span class="p">?:</span> <span class="kr">any</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">SocialUser</span><span class="o">&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">AppleID</span><span class="p">.</span><span class="nx">auth</span><span class="p">.</span><span class="nx">signIn</span><span class="p">()</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">er</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="nx">er</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">public</span> <span class="nx">signOut</span><span class="p">(</span><span class="nx">revoke</span><span class="p">?:</span> <span class="nx">boolean</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="kr">any</span><span class="o">&gt;</span> <span class="p">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nb">Promise</span><span class="p">((</span><span class="nx">resolve</span><span class="p">,</span> <span class="nx">reject</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// AppleID doesnt have revoke method</span> <span class="nx">resolve</span><span class="p">();</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> </code></pre></div> <h3> Brief explanation. </h3> <ul> <li>The client id is the identifier id of the Apple APP. After creating this in your developer account you should have gotten it.</li> <li>The method <code>initialize()</code> will include the library of Apple, which already gives the object <code>AppleID</code>, required to enable the login. The important thing is that <code>redirectURI</code> has to be <em>https</em>.</li> <li>This call <code>await AppleID.auth.signIn()</code> will initialize the Sign-in of apple after successful login it will trigger a POST request to the <code>redirectURI</code>. </li> </ul> <h2> The backend </h2> <p>I'm assuming that you are familiar with NestJS so here I'm only going to show the required minimal code. </p> <p>For the backend, I'm using another library to decrypt the code that is sent from apple after a successful login. So, let's go ahead and install it :D. </p> <p><code>npm install --save apple-signin</code> </p> <p><a href="https://www.npmjs.com/package/apple-signin">apple-signin</a> allows you to authenticate users using Apple account in your Node.js application.</p> <h3> The Apple auth controller. </h3> <p><code>apple.controller.ts</code><br> </p> <div class="highlight"><pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Controller</span><span class="p">,</span> <span class="nx">Get</span><span class="p">,</span> <span class="nx">Post</span><span class="p">,</span> <span class="nx">Body</span><span class="p">,</span> <span class="nx">ForbiddenException</span><span class="p">,</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/common</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">AppleService</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./apple.service</span><span class="dl">'</span><span class="p">;</span> <span class="p">@</span><span class="nd">Controller</span><span class="p">()</span> <span class="k">export</span> <span class="kd">class</span> <span class="nx">AppleController</span> <span class="p">{</span> <span class="kd">constructor</span><span class="p">(</span><span class="k">private</span> <span class="k">readonly</span> <span class="nx">appleService</span><span class="p">:</span> <span class="nx">AppleService</span><span class="p">)</span> <span class="p">{}</span> <span class="p">@</span><span class="nd">Post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/apple</span><span class="dl">'</span><span class="p">)</span> <span class="k">public</span> <span class="k">async</span> <span class="nx">appleLogin</span><span class="p">(@</span><span class="nd">Body</span><span class="p">()</span> <span class="nx">payload</span><span class="p">:</span> <span class="kr">any</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="kr">any</span><span class="o">&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">Received</span><span class="dl">'</span><span class="p">,</span> <span class="nx">payload</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">payload</span><span class="p">.</span><span class="nx">code</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nx">ForbiddenException</span><span class="p">();</span> <span class="p">}</span> <span class="k">return</span> <span class="k">this</span><span class="p">.</span><span class="nx">appleService</span><span class="p">.</span><span class="nx">verifyUser</span><span class="p">(</span><span class="nx">payload</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre></div> <p><code>apple.service.ts</code><br> </p> <div class="highlight"><pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Injectable</span><span class="p">,</span> <span class="nx">ForbiddenException</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/common</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">appleSignin</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">apple-signin</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="nx">path</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">path</span><span class="dl">'</span><span class="p">);</span> <span class="p">@</span><span class="nd">Injectable</span><span class="p">()</span> <span class="k">export</span> <span class="kd">class</span> <span class="nx">AppleService</span> <span class="p">{</span> <span class="k">public</span> <span class="nx">getHello</span><span class="p">():</span> <span class="kr">string</span> <span class="p">{</span> <span class="k">return</span> <span class="dl">'</span><span class="s1">Hello World dfs!</span><span class="dl">'</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="k">async</span> <span class="nx">verifyUser</span><span class="p">(</span><span class="nx">payload</span><span class="p">:</span> <span class="kr">any</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="kr">any</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">clientSecret</span> <span class="o">=</span> <span class="nx">appleSignin</span><span class="p">.</span><span class="nx">getClientSecret</span><span class="p">({</span> <span class="na">clientID</span><span class="p">:</span> <span class="dl">'</span><span class="s1">[CLIENT_ID]</span><span class="dl">'</span><span class="p">,</span> <span class="na">teamId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">[TEAM_ID]</span><span class="dl">'</span><span class="p">,</span> <span class="na">keyIdentifier</span><span class="p">:</span> <span class="dl">'</span><span class="s1">[KEY_ID]</span><span class="dl">'</span><span class="p">,</span> <span class="na">privateKeyPath</span><span class="p">:</span> <span class="nx">path</span><span class="p">.</span><span class="nx">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">/secrets/[APPLE_KEY].p8</span><span class="dl">'</span><span class="p">),</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">tokens</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">appleSignin</span><span class="p">.</span><span class="nx">getAuthorizationToken</span><span class="p">(</span><span class="nx">payload</span><span class="p">.</span><span class="nx">code</span><span class="p">,</span> <span class="p">{</span> <span class="na">clientID</span><span class="p">:</span> <span class="dl">'</span><span class="s1">[CLIENT_ID]</span><span class="dl">'</span><span class="p">,</span> <span class="na">clientSecret</span><span class="p">:</span> <span class="nx">clientSecret</span><span class="p">,</span> <span class="na">redirectUri</span><span class="p">:</span> <span class="dl">'</span><span class="s1">https://auth.example.com/auth/apple</span><span class="dl">'</span><span class="p">,</span> <span class="p">});</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">tokens</span><span class="p">.</span><span class="nx">id_token</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">no token.id_token</span><span class="dl">'</span><span class="p">);</span> <span class="k">throw</span> <span class="k">new</span> <span class="nx">ForbiddenException</span><span class="p">();</span> <span class="p">}</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">tokens</span><span class="dl">'</span><span class="p">,</span> <span class="nx">tokens</span><span class="p">);</span> <span class="c1">// TODO: AFTER THE FIRST LOGIN APPLE WON'T SEND THE USERDATA ( FIRST NAME AND LASTNAME, ETC.) THIS SHOULD BE SAVED ANYWHERE</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">appleSignin</span><span class="p">.</span><span class="nx">verifyIdToken</span><span class="p">(</span><span class="nx">tokens</span><span class="p">.</span><span class="nx">id_token</span><span class="p">);</span> <span class="k">return</span> <span class="p">{</span> <span class="nx">data</span><span class="p">,</span> <span class="nx">tokens</span> <span class="p">};</span> <span class="p">}</span> <span class="p">}</span> </code></pre></div> <p><em>NOTE</em> </p> <ul> <li>All the data required on this part should have been gotten when you registered your webapp in apple. Just make sure that the private key file is available at the path <code>/secrets/[APPLE_KEY].p8</code>: </li> </ul> <div class="highlight"><pre class="highlight typescript"><code> <span class="nx">clientID</span><span class="p">:</span> <span class="dl">'</span><span class="s1">[CLIENT_ID]</span><span class="dl">'</span><span class="p">,</span> <span class="nx">teamId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">[TEAM_ID]</span><span class="dl">'</span><span class="p">,</span> <span class="nx">keyIdentifier</span><span class="p">:</span> <span class="dl">'</span><span class="s1">[KEY_ID]</span><span class="dl">'</span><span class="p">,</span> <span class="nx">privateKeyPath</span><span class="p">:</span> <span class="nx">path</span><span class="p">.</span><span class="nx">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">/secrets/[APPLE_KEY].p8</span><span class="dl">'</span><span class="p">),</span> </code></pre></div> <ul> <li>Another important note is that after the first successful login, apple will not send you the User data, so this should be stored anywhere. </li> </ul> <p>Enjoy! :)</p> angular javascript tutorial todayilearned