Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Profile is empty in Nestjs #47

Open
sujayroro opened this issue Jul 6, 2023 · 5 comments
Open

Profile is empty in Nestjs #47

sujayroro opened this issue Jul 6, 2023 · 5 comments

Comments

@sujayroro
Copy link

sujayroro commented Jul 6, 2023
edited
Loading

Profile parameter returns empty object on validate function Nestjs.
@ananay
Copy link
Owner

ananay commented Jul 15, 2023

Hello, this seems to be working for me.

Please note that the profile info (a.k.a the First and Last Name) are shown only the FIRST time you sign in to the app. The next time you sign in, Apple will not provide you with this information.

image

You can revoke the app by going into Sign in with Apple section on appleid.apple.com

image

@utshomax
Copy link

utshomax commented Aug 18, 2023
edited
Loading

Same issue here with express. returns empty object.

@zenstok
Copy link

zenstok commented Aug 23, 2023

It will always return empty object for profile, because this package actually never sets the profile attribute. @ananay if you want to implement it, you will need to override this method https://github.com/jaredhanson/passport-oauth2/blob/master/lib/strategy.js#L318, but from what i've seen, Apple is not using access token, so I don't think it's possible now.

You can use my template below which should work with @nestjs/passport 10.0.2.

@Injectable()
export class AppleStrategy extends PassportStrategy(Strategy, 'apple', 6) {
  constructor(
    configService: ConfigService,
    configHelperService: ConfigHelperService,
  ) {
    super({
      clientID: configService.get('APPLE_CLIENT_ID'),
      teamID: configService.get('APPLE_TEAM_ID'),
      keyID: configService.get('APPLE_KEY_ID'),
      privateKeyLocation: configService.get('APPLE_APPLICATION_CREDENTIALS'),
      callbackURL: configHelperService.getAppleCallbackUrl(),
      passReqToCallback: true,
    });
  }

  async validate(
    req: any,
    accessToken: string,
    refreshToken: string,
    idToken: string,
    profile: any,
    done: VerifyCallback,
  ): Promise<any> {
    console.log('apple profile', req.appleProfile); // this will be available only on first request, subsequent requests will give you undefined
    console.log('accessToken', accessToken);
    console.log('refreshToken', refreshToken);
    console.log('idToken', idToken); // from this you can retrieve the user id and email (email can be hidden)
    console.log('profile', profile); // this will always be an empty object
    console.log('done', done);

    // for security reasons, you should also check if the token is valid, check iss, aud, exp, etc.

    done(null, {});
  }
}

@BijanRegmi
Copy link

It will always return empty object for profile, because this package actually never sets the profile attribute. @ananay if you want to implement it, you will need to override this method https://github.com/jaredhanson/passport-oauth2/blob/master/lib/strategy.js#L318, but from what i've seen, Apple is not using access token, so I don't think it's possible now.

You can use my template below which should work with @nestjs/passport 10.0.2.

@Injectable()
export class AppleStrategy extends PassportStrategy(Strategy, 'apple', 6) {
  constructor(
    configService: ConfigService,
    configHelperService: ConfigHelperService,
  ) {
    super({
      clientID: configService.get('APPLE_CLIENT_ID'),
      teamID: configService.get('APPLE_TEAM_ID'),
      keyID: configService.get('APPLE_KEY_ID'),
      privateKeyLocation: configService.get('APPLE_APPLICATION_CREDENTIALS'),
      callbackURL: configHelperService.getAppleCallbackUrl(),
      passReqToCallback: true,
    });
  }

  async validate(
    req: any,
    accessToken: string,
    refreshToken: string,
    idToken: string,
    profile: any,
    done: VerifyCallback,
  ): Promise<any> {
    console.log('apple profile', req.appleProfile); // this will be available only on first request, subsequent requests will give you undefined
    console.log('accessToken', accessToken);
    console.log('refreshToken', refreshToken);
    console.log('idToken', idToken); // from this you can retrieve the user id and email (email can be hidden)
    console.log('profile', profile); // this will always be an empty object
    console.log('done', done);

    // for security reasons, you should also check if the token is valid, check iss, aud, exp, etc.

    done(null, {});
  }
}

even with this implementation i am receiving empty idToken {}

@VinzSpring
Copy link

My idToken is an empty object aswell!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@ananay @VinzSpring @zenstok @BijanRegmi @sujayroro @utshomax