hexpreview

README.md

# Überauth Apple

> Apple OAuth2 strategy for Überauth.

## Installation

1. Setup your application at [Apple Developer Console](https://developer.apple.com).

1. Add `:ueberauth_apple` to your list of dependencies in `mix.exs`:

    ```elixir
    def deps do
      [{:ueberauth_apple, "~> 0.2"}]
    end
    ```

1. Add the strategy to your applications:

    ```elixir
    def application do
      [applications: [:ueberauth_apple]]
    end
    ```

1. Add Apple to your Überauth configuration:

    ```elixir
    config :ueberauth, Ueberauth,
      providers: [
        apple: {Ueberauth.Strategy.Apple, []}
      ]
    ```

1.  Update your provider configuration:

    If you don't have the client secret, generate the client secret:

    ```elixir
    UeberauthApple.generate_client_secret(%{
      client_id: "com.example.service",
      key_id: "10digitkey",
      team_id: "teamid",
      private_key: "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----"
      })
    ```

    Use that if you want to read client ID/secret from the environment
    variables in the compile time:

    ```elixir
    config :ueberauth, Ueberauth.Strategy.Apple.OAuth,
      client_id: System.get_env("APPLE_CLIENT_ID"),
      client_secret: System.get_env("APPLE_CLIENT_SECRET")
    ```

1.  Include the Überauth plug in your controller:

    ```elixir
    defmodule MyApp.AuthController do
      use MyApp.Web, :controller
      plug Ueberauth
      ...
    end
    ```

1.  Create the request and callback routes if you haven't already:

    ```elixir
    scope "/auth", MyApp do
      pipe_through :browser

      get "/:provider", AuthController, :request
      get "/:provider/callback", AuthController, :callback
    end
    ```

1. Your controller needs to implement callbacks to deal with `Ueberauth.Auth` and `Ueberauth.Failure` responses.

For an example implementation see the [Überauth Example](https://github.com/ueberauth/ueberauth_example) application.

## Calling

Depending on the configured url you can initiate the request through:

    /auth/apple

Or with options:

    /auth/apple?scope=email%20name

By default the requested scope is "name". Scope can be configured either explicitly as a `scope` query value on the request path or in your configuration:

```elixir
config :ueberauth, Ueberauth,
  providers: [
    google: {Ueberauth.Strategy.Apple, [default_scope: "name email"]}
  ]
```

To guard against client-side request modification, it's important to still check the domain in `info.urls[:website]` within the `Ueberauth.Auth` struct if you want to limit sign-in to a specific domain.

## License

Please see [LICENSE](https://github.com/loopsocial/ueberauth_apple/blob/master/LICENSE) for licensing details.