Aaron Parecki

  • Ben Sandofsky https://twitter.com/sandofsky   •   Jun 3
    Wow. Apple sign-in support is mandatory? https://developer.apple.com/news/?id=06032019j
    Aaron Parecki
    Sounds like they are requiring Apple Sign-In to be an option if any other third party sign-in is also provided. Good move IMO, better for users! This will stop apps from having just a "Sign in with Facebook" option.
    Portland, Oregon, USA
    22 likes 1 reply
    Mon, Jun 3, 2019 4:49pm -07:00
  • Ben Sandofsky https://twitter.com/sandofsky
    Wow. Apple sign-in support is mandatory? https://developer.apple.com/news/?id=06032019j
    Portland, Oregon
    Mon, Jun 3, 2019 10:23pm +00:00 (liked on Mon, Jun 3, 2019 4:48pm -07:00)
  • Barry Dorrans https://twitter.com/blowdart   •   Jun 3
    Oof no discovery document? Blah
    Aaron Parecki
    Not that I've been able to find! Also can't find their userinfo or introspection endpoints. I also had to guess their authorization endpoint because it's not in their docs.
    Portland, Oregon
    1 like 1 reply
    Mon, Jun 3, 2019 4:29pm -07:00
  • Barry Dorrans https://twitter.com/blowdart   •   Jun 3
    No token binding? 😒
    Aaron Parecki
    So far there's no docs on what you can do with the access token. I suspect using it may require also including the client_secret which is a signed JWT, or who knows. Here's the working code: https://github.com/aaronpk/sign-in-with-apple-example
    Portland, Oregon, USA
    3 replies
    Mon, Jun 3, 2019 4:01pm -07:00
  • Jhonny https://twitter.com/JhonnyBillM   •   Jun 3
    Do you know if I can request users profile picture ?
    Aaron Parecki
    So far there is no indication that'll be possible.
    Portland, Oregon
    1 like
    Mon, Jun 3, 2019 3:45pm -07:00
  • Aaron Parecki https://aaronparecki.com/   •   Jun 3
    weirdnesses:

    • Their token endpoint requires setting a User-Agent header, otherwise responds with an HTML error
    • Client secrets are a signed JWT using ECDSA + SHA256
    • An email address isn't returned even when requesting the `email` scope
    Aaron Parecki
    If you're interested, here is my sample code I was able to use to get an access token and ID token from Apple

    https://github.com/aaronpk/sign-in-with-apple-example
    Portland, Oregon, USA
    31 likes 12 reposts 2 replies
    Mon, Jun 3, 2019 3:20pm -07:00
  • Blaine Cook https://twitter.com/blaine   •   Jun 3
    Oh, nice, where did you find the details?
    Aaron Parecki
    They have some docs here https://developer.apple.com/sign-in-with-apple/get-started/ but their docs are missing quite a bit right now. I had to guess at some endpoints and things.
    Portland, Oregon, USA
    6 likes 1 reply
    Mon, Jun 3, 2019 2:29pm -07:00
  • Marc Köhlbrugge https://twitter.com/marckohlbrugge   •   Jun 3
    Some ppl pointed out this is probably “just” an implementation of OAuth w/ email forwarding on top.

    That’s probably correct. However, what sets Apple apart from the other major OAuth providers (mainly Facebook & Google) is that Apple is not in the business of selling your data.
    Aaron Parecki
    I just tried it out and it's OAuth + OpenID Connect with a little bit of Apple uniqueness sprinkled in.
    Portland, Oregon, USA
    4 likes
    Mon, Jun 3, 2019 2:29pm -07:00
  • Aaron Parecki https://aaronparecki.com/   •   Jun 3
    Initial test of the "Sign in with Apple" API:

    β€’ It's more or less based on OAuth + OIDC
    β€’ Their documentation is missing a lot of key info to use it right now, I had to guess at a lot of things
    β€’ The `sub` claim includes some sort of unique user identifier, not an email
    Aaron Parecki
    weirdnesses:

    • Their token endpoint requires setting a User-Agent header, otherwise responds with an HTML error
    • Client secrets are a signed JWT using ECDSA + SHA256
    • An email address isn't returned even when requesting the `email` scope
    Portland, Oregon, USA
    12 likes 1 repost 2 replies
    Mon, Jun 3, 2019 2:24pm -07:00
  • Aaron Parecki
    Initial test of the "Sign in with Apple" API:

    • It's more or less based on OAuth + OIDC
    • Their documentation is missing a lot of key info to use it right now, I had to guess at a lot of things
    • The `sub` claim includes some sort of unique user identifier, not an email
    Portland, Oregon, USA
    74 likes 23 reposts 8 replies
    Mon, Jun 3, 2019 2:21pm -07:00 #oauth
  • Aaron Parecki
    Well this is exciting. 🍎🔐 #AppleID #OAuth #WWDC2019 #WWDC
    Portland, Oregon, USA
    9 likes 1 repost 2 replies
    Mon, Jun 3, 2019 1:38pm -07:00 #appleid #oauth #wwdc2019 #wwdc
  • 📷 PhotoJoseph 🎥 https://twitter.com/photojoseph   •   Jun 3
    DIRECT IMPORT INTO LIGHTROOM ON iPadOS!!!!!! Finally. Fi. Na. Lly.
    Aaron Parecki
    I definitely thought of you when they announced that!
    Portland, Oregon
    1 like
    Mon, Jun 3, 2019 11:43am -07:00
  • 📷 PhotoJoseph 🎥 https://twitter.com/photojoseph
    DIRECT IMPORT INTO LIGHTROOM ON iPadOS!!!!!! Finally. Fi. Na. Lly.
    Portland, Oregon
    Mon, Jun 3, 2019 6:11pm +00:00 (liked on Mon, Jun 3, 2019 11:39am -07:00)
  • Nick Loadholtes🔭📡🛰 https://twitter.com/nloadholtes
    The more I look at the #indieweb stuff (the tech, the community, the overall philosophy) the more I keep thinking I should start a new blog and just write.

    No more being tied to an agenda, just writing to satisfy myself.
    Portland, Oregon
    Mon, Jun 3, 2019 1:04am +00:00 (liked on Sun, Jun 2, 2019 9:19pm -07:00) #indieweb
  • Armando Ferreira https://twitter.com/mondobytes
    https://twitter.com/mondobytes/status/1135014985707352064
    Portland, Oregon
    Sun, Jun 2, 2019 2:47am +00:00 (liked on Sun, Jun 2, 2019 4:16pm -07:00)
  • Aaron Parecki
    at Sweetpea Baking Company
    Portland, Oregon • Sun, June 2, 2019 10:51am
    45.519372 -122.653367
    #pedalpalooza — with anomalily
    Portland, OR, United States
    anomalily.world
    105 Coins
    Sun, Jun 2, 2019 10:51am -07:00 #pedalpalooza
  • Aaron Parecki
    at Next Level Burger
    Portland, Oregon • Sun, June 2, 2019 9:42am
    45.51234 -122.619767
    #pedalpalooza
    Portland, OR, United States
    Checked in by anomalily
    20 Coins
    Sun, Jun 2, 2019 9:42am -07:00
  • Aaron Parecki
    at Nectar Cafe
    Portland, Oregon • Sun, June 2, 2019 8:17am
    45.536779 -122.620531
    #pedalpalooza tofu and mimosas ride! 🍾🚲 — with anomalily
    Portland, OR, United States
    anomalily.world
    35 Coins
    Sun, Jun 2, 2019 8:17am -07:00 #pedalpalooza
  • Aaron Parecki
    at The Fields Neighborhood Park
    Portland, Oregon • Sat, June 1, 2019 3:33pm
    45.532493 -122.681985
    #pedalpalooza kickoff ride! — with anomalily, Don, JK
    Portland, OR, United States
    anomalily.world foursquare.com/user/7713 foursquare.com/user/207291
    102 Coins
    Sat, Jun 1, 2019 3:33pm -07:00 #pedalpalooza
  • Charlie "Don't Surf" Owen https://twitter.com/sonniesedge
    Someone asking "is that React?" is a question that will haunt me to my grave.
    Portland, Oregon
    Fri, May 31, 2019 12:42pm +00:00 (liked on Fri, May 31, 2019 6:23pm -07:00)

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming.

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel.

© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.