Configure apple sign in, a good starting point is the blog of Aaron Parecki
Add the following variables in your .env file:
SOCIAL_CLIENTID_APPLE=YOUR_APPLE_CLIENT_ID
SOCIAL_CLIENT_SECRET_APPLE=Client_secret
SOCIAL_REDIRECT_APPLE=/social-auth/handle/apple/
The following points should be considered in order to use the apple provider in socialite:
You only get the email address in the first login of the user. You should save the email address (user->email) and the apple identifier (sub) (user->id). The second time you use this identifier to find the user in your laravel applications. See SocialAuthController -> getHandleCallback
Add your authorization handle post request in the VerifyCsrfToken, in this example:
protected $except = [
'/social-auth/handle/apple'
];
Refresh the client_secret apple key each six months (write a automatic cronjob)
A cronjob example with client.rb:
#!/usr/bin/env bash
source /usr/local/rvm/environments/ruby-2.6.3
cd /your_path_apple_sign_in/
ruby client.rb > apple_client.txt
/bin/cp -f apple_client.txt /your_laravel_path/storage/apple/apple_client.txt
chown your_linux_user/your_linux_group /your_laravel_path/storage/apple/apple_client.txt
Other solution to refresh your client secret, see comment alinmiron
If the user is using his anonymous email-address, a standard email relay (mandrill, sendgrid) is not possible at this moment.
Succesfull login: Save your_apple_identifer as apple_identifier in your db and [email protected]
user->email, you only get the email once!!),
for the development you could delete your apple app https://appleid.apple.com/account/manage
(security -> to test this again
- Invalid grant: check that your client_id and client_secret has the same service_id.
- Timeout
- Initiate the apple request again, state is invalid.
The Laravel framework and this example is open-source software licensed under the MIT license.