aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/github/scribejava/apis
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2019-12-20 16:28:41 +0300
committerGravatar Vitaly Takmazov2019-12-20 16:28:41 +0300
commit8f7b2af21beda60d6123f555a0c21d2eadfc777a (patch)
treecec8a81dc63eaa272a4ab9e818ebb0cbde1e4670 /src/main/java/com/github/scribejava/apis
parent3ab17252a7d9f6c5834d85d050a19fa41be0c07d (diff)
Sign In With Apple
Diffstat (limited to 'src/main/java/com/github/scribejava/apis')
-rw-r--r--src/main/java/com/github/scribejava/apis/AppleClientAuthentication.java33
-rw-r--r--src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java85
-rw-r--r--src/main/java/com/github/scribejava/apis/AppleSignInApi.java45
3 files changed, 163 insertions, 0 deletions
diff --git a/src/main/java/com/github/scribejava/apis/AppleClientAuthentication.java b/src/main/java/com/github/scribejava/apis/AppleClientAuthentication.java
new file mode 100644
index 00000000..6bb919a3
--- /dev/null
+++ b/src/main/java/com/github/scribejava/apis/AppleClientAuthentication.java
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.github.scribejava.apis;
+
+import com.github.scribejava.core.model.OAuthRequest;
+import com.github.scribejava.core.oauth2.clientauthentication.ClientAuthentication;
+
+public class AppleClientAuthentication implements ClientAuthentication {
+ private final AppleClientSecretGenerator generator;
+ public AppleClientAuthentication(AppleClientSecretGenerator generator) {
+ this.generator = generator;
+ }
+ @Override
+ public void addClientAuthentication(OAuthRequest request, String apiKey, String apiSecret) {
+ request.addBodyParameter("client_id", generator.getApplicationId());
+ request.addBodyParameter("client_secret", generator.getClientSecret());
+ }
+}
diff --git a/src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java b/src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java
new file mode 100644
index 00000000..3af6bc7a
--- /dev/null
+++ b/src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java
@@ -0,0 +1,85 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.github.scribejava.apis;
+
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import org.apache.commons.io.FileUtils;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.security.Key;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.EncodedKeySpec;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.time.*;
+import java.util.Base64;
+import java.util.Date;
+
+public class AppleClientSecretGenerator {
+ private final String subject;
+ private final String teamId;
+ private final String keyId;
+
+ private final Key signingKey;
+
+ public AppleClientSecretGenerator(final String subject, final String teamId, final String keyId, final String keyPath)
+ throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
+ this.subject = subject;
+ this.keyId = keyId;
+ this.teamId = teamId;
+
+ String pemData = FileUtils.readFileToString(new File(keyPath), StandardCharsets.UTF_8);
+ String p8encodedData = pemData
+ .replace(
+ "-----BEGIN PRIVATE KEY-----\n", "")
+ .replace("\n", "")
+ .replace("-----END PRIVATE KEY-----", "");
+ KeyFactory kf = KeyFactory.getInstance("EC");
+ EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(p8encodedData));
+ signingKey = kf.generatePrivate(keySpec);
+ }
+
+ public String getClientSecret() {
+ Instant now = Instant.now();
+ return Jwts.builder()
+ .setHeaderParam("kid", keyId)
+ .setIssuer(teamId)
+ .setAudience("https://appleid.apple.com")
+ .setIssuedAt(Date.from(now))
+ .setSubject(subject)
+ .setExpiration(Date.from(ZonedDateTime.ofInstant(now, ZoneId.of("UTC")).plusMonths(1).toInstant()))
+ .signWith(signingKey, SignatureAlgorithm.ES256)
+ .compact();
+ }
+
+ public String getTeamId() {
+ return teamId;
+ }
+
+ public String getKeyId() {
+ return keyId;
+ }
+
+ public String getApplicationId() {
+ return subject;
+ }
+}
diff --git a/src/main/java/com/github/scribejava/apis/AppleSignInApi.java b/src/main/java/com/github/scribejava/apis/AppleSignInApi.java
new file mode 100644
index 00000000..be14ef16
--- /dev/null
+++ b/src/main/java/com/github/scribejava/apis/AppleSignInApi.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) 2008-2019, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.github.scribejava.apis;
+
+import com.github.scribejava.core.builder.api.DefaultApi20;
+import com.github.scribejava.core.oauth2.clientauthentication.ClientAuthentication;
+
+public class AppleSignInApi extends DefaultApi20 {
+
+ private final AppleClientSecretGenerator clientSecretGenerator;
+
+ public AppleSignInApi(AppleClientSecretGenerator clientSecretGenerator) {
+ this.clientSecretGenerator = clientSecretGenerator;
+ }
+
+ @Override
+ public String getAccessTokenEndpoint() {
+ return "https://appleid.apple.com/auth/token";
+ }
+
+ @Override
+ protected String getAuthorizationBaseUrl() {
+ return "https://appleid.apple.com/auth/authorize?response_mode=form_post";
+ }
+
+ @Override
+ public ClientAuthentication getClientAuthentication() {
+ return new AppleClientAuthentication(clientSecretGenerator);
+ }
+}