@wailroth/adonis-ally-apple-v6
Version:
Ally driver for Apple Sign In
128 lines (127 loc) • 4.78 kB
TypeScript
/**
|--------------------------------------------------------------------------
* Search keyword "YourDriver" and replace it with a meaningful name
|--------------------------------------------------------------------------
*/
import { Oauth2Driver } from '@adonisjs/ally';
import type { AllyDriverContract, ApiRequestContract, RedirectRequestContract } from '@adonisjs/ally/types';
import { HttpContext } from '@adonisjs/core/http';
import * as jose from 'jose';
import { AppleAccessToken, AppleDriverConfig, AppleTokenDecoded, AppleUserContract } from './types/main.js';
import { AppleScopes } from './types/main.js';
/**
* Driver implementation. It is mostly configuration driven except the API call
* to get user info.
*/
export declare class AppleDriver extends Oauth2Driver<AppleAccessToken, AppleScopes> implements AllyDriverContract<AppleAccessToken, AppleScopes> {
config: AppleDriverConfig;
/**
* The URL for the redirect request. The user will be redirected on this page
* to authorize the request.
*/
protected authorizeUrl: string;
/**
* The URL to hit to exchange the authorization code for the access token
*/
protected accessTokenUrl: string;
/**
* JWKS Client for Apple key verification
*/
protected jwksClient: ReturnType<typeof jose.createRemoteJWKSet> | null;
/**
* The param name for the authorization code. Read the documentation of your oauth
* provider and update the param name to match the query string field name in
* which the oauth provider sends the authorization_code post redirect.
*/
protected codeParamName: string;
/**
* The param name for the error. Read the documentation of your oauth provider and update
* the param name to match the query string field name in which the oauth provider sends
* the error post redirect
*/
protected errorParamName: string;
/**
* Cookie name for storing the CSRF token. Make sure it is always unique. So a better
* approach is to prefix the oauth provider name to `oauth_state` value. For example:
* For example: "facebook_oauth_state"
*/
protected stateCookieName: string;
/**
* Parameter name to be used for sending and receiving the state from.
* Read the documentation of your oauth provider and update the param
* name to match the query string used by the provider for exchanging
* the state.
*/
protected stateParamName: string;
/**
* Parameter name for sending the scopes to the oauth provider.
*/
protected scopeParamName: string;
/**
* The separator indentifier for defining multiple scopes
*/
protected scopesSeparator: string;
constructor(ctx: HttpContext, config: AppleDriverConfig);
/**
* Initialize JWKS client
*/
private initializeJwksClient;
/**
* Optionally configure the authorization redirect request. The actual request
* is made by the base implementation of "Oauth2" driver and this is a
* hook to pre-configure the request.
*/
protected configureRedirectRequest(request: RedirectRequestContract<AppleScopes>): void;
/**
* Update the implementation to tell if the error received during redirect
* means "ACCESS DENIED".
*/
accessDenied(): boolean;
/**
* Get Apple Signing Key to verify token
*/
protected verifyToken(token: string): Promise<AppleTokenDecoded>;
/**
* Generates Client Secret
* https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens
* @returns clientSecret
*/
protected generateClientSecret(): string;
/**
* Parses user info from the Apple Token
*/
protected getUserInfo(token: string): Promise<AppleUserContract>;
/**
* Get access token
*/
accessToken(callback?: (request: ApiRequestContract) => void): Promise<AppleAccessToken>;
/**
* Returns details for the authorized user
*/
user(callback?: (request: ApiRequestContract) => void): Promise<{
token: AppleAccessToken;
email: string | null;
id: string;
nickName: string;
name: string;
emailVerificationState: "verified" | "unverified" | "unsupported";
avatarUrl: string | null;
original: any;
}>;
/**
* Finds the user by the access token
*/
userFromToken(token: string): Promise<{
token: {
token: string;
type: "bearer";
};
email: string | null;
id: string;
nickName: string;
name: string;
emailVerificationState: "verified" | "unverified" | "unsupported";
avatarUrl: string | null;
original: any;
}>;
}