npm
Sign UpSign In

verify-apple-token

2.1.0 • Public • Published

Build Status Publish Status npm version codecov

Verify Apple idToken

  • Small utility which verifies the Apple idToken
  • You can use it on the backend side
  • Token verification is part of Apple sign-in process
  • The flow is
    • Client app (iOS or Android) will redirect user to the OAuth2 login screen
    • User will login
    • App will receive the tokens
    • App should send the idToken to the backend which will verify it
  • Verification steps implemented:
    • Verify the JWS E256 signature using the server’s public key
    • Verify the nonce for the authentication
    • Verify that the iss field contains https://appleid.apple.com
    • Verify that the aud field is the developer’s client_id
    • Verify that the time is earlier than the exp value of the token

Installation

npm install verify-apple-token

Usage

Typescript

import verifyAppleToken from 'verify-apple-id-token';

const jwtClaims = await verifyAppleToken({
    idToken: 'yourIdToken',
    clientId: 'yourAppleClientId',
    nonce: 'nonce', // optional
});

Javascript

const verifyAppleToken = require('verify-apple-id-token').default;

const jwtClaims = await verifyAppleToken({
    idToken: 'yourIdToken',
    clientId: 'yourAppleClientId',
    nonce: 'nonce', // optional
});

Versions

Current Tags

  • Version
    Downloads (Last 7 Days)
    • Tag
  • 2.1.0
    16
    • latest

Version History

  • Version
    Downloads (Last 7 Days)
    • Published
  • 2.1.0
    16
  • 2.0.9
    0
  • 2.0.8
    0
  • 2.0.7
    0
  • 2.0.6
    0

Package Sidebar

Install

npm i verify-apple-token

Repository

github.com/stefan-prokop-cz/verify-apple-id-token

Homepage

github.com/stefan-prokop-cz/verify-apple-id-token#readme

Weekly Downloads

16

Version

2.1.0

License

MIT

Unpacked Size

71.9 kB

Total Files

40

Last publish

Collaborators

  • quanghuy_1992_vn
Try on RunKit
Report malware