aspnetcore-signinwithapple-example's Introduction

Example integration of "Sign In with Apple" (SIWA) in ASP.NET Core

You can find a full explanation on scottbrady91.com.

To view the old codebase for Apple's original OpenID Connect/not OpenID Connect implementation, check out the v1 tag.

aspnetcore-signinwithapple-example's People

Contributors

scottbrady91

aspnetcore-signinwithapple-example's Issues

How would this be used to ((link or merge)) more than one account together in Asp.NET Core?

As part of a migration strategy, consolidation, or other need, what would be needed to allow:

Scenario 1: User may link multiple accounts together (Azure Active Directory, or B2C) while Apple ID or any other Issuer or provider, and then use the resource token in the background to access Outlook.office.com data via the Graph API?

Scenario 2: A user has a MSAL 2.0 token and would like Apple ID token in order to access data stored within CloudKit key-value store?

TL;DR: I'm looking for ways to use OIDC background tokens with the other provider (log in with Apple, then access 1.0 Beta Graph API AND CloudKit)

Still not getting name and email

Hi,

My app is a .Net Core 3.1 and added the scopes but still not getting the name and email under idtoken.
I'm using the ExternalLogin.cshtml.cs scaffolding since I have Sign in with Google working.
For Apple I do get the code and idtoken and cookie is generated and app can authenticate but missing name and email.

When reaching OnGetCallbackAsync from ExternalLogin.cs, await _signInManager.GetExternalLoginInfoAsync() is null. However, I managed to advance it without creating the user profile.
The /SignInApple callback is not reached; I was expecting the user data here too. At which stage is it called? (Actually, I haven't seen one in your sample.)

Should I do a new request to "https://appleid.apple.com/auth/token" based on the received code in order to get the name/email?

I've posted a comment here:
https://developer.apple.com/forums/thread/118209?page=4

Thanks

email scope

Hi, how can I get the email of the user after a successful login? I added the email to the scope.
At the moment I am using my email to log in; however, on a successful login I only get the sub and the nonce_supported.
I need the email in order to register the user in my application.

WindowsCryptographicException: The system cannot find the file specified

Hello,
I'm seeing the following error message during the callback from Apple. It's being thrown from the TokenGenerator. May I know if this is something you came across?

WindowsCryptographicException: The system cannot find the file specified.
System.Security.Cryptography.CngKey.Import(ReadOnlySpan keyBlob, string curveName, CngKeyBlobFormat format, CngProvider provider)
System.Security.Cryptography.CngKey.Import(byte[] keyBlob, string curveName, CngKeyBlobFormat format, CngProvider provider)
System.Security.Cryptography.CngKey.Import(byte[] keyBlob, CngKeyBlobFormat format)
IdentityServer.TokenGenerator.CreateNewToken() in Startup.cs
IdentityServer.Startup+<>c.b__6_13(AuthorizationCodeReceivedContext context) in Startup.cs
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectEvents.AuthorizationCodeReceived(AuthorizationCodeReceivedContext context)
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RunAuthorizationCodeReceivedEventAsync(OpenIdConnectMessage authorizationResponse, ClaimsPrincipal user, AuthenticationProperties properties, JwtSecurityToken jwt)
Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()

Thanks
Naresh

Random signing fails

About one time in three I get this error:

 ---> Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException: IDX10501: Signature validation failed. Unable to match key:
kid: '***'.

token: '{"alg":"RS256","kid":"***"}.{"iss":"https://appleid.apple.com","aud":"***","exp":1584977066,"iat":1584976466,"sub":"***","at_hash":"***","auth_time":1584976464,"nonce_supported":true}'.
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.ValidateToken(String idToken, AuthenticationProperties properties, TokenValidationParameters validationParameters, JwtSecurityToken& jwt)
   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
   --- End of inner exception stack trace ---
   at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)

Not sure why, any ideas?
