From 65ede850f44f752dc968c062251153f0c725343b Mon Sep 17 00:00:00 2001
From: Borut Tomazin <borut@povio.com>
Date: Tue, 12 Sep 2023 12:52:37 +0200
Subject: [PATCH] Logic update

---
 Sources/Apple/AppleAuthenticator.swift | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/Sources/Apple/AppleAuthenticator.swift b/Sources/Apple/AppleAuthenticator.swift
index ba09f92..c3310e5 100644
--- a/Sources/Apple/AppleAuthenticator.swift
+++ b/Sources/Apple/AppleAuthenticator.swift
@@ -108,11 +108,23 @@ extension AppleAuthenticator: ASAuthorizationControllerDelegate {
         return .init(address: $0, isPrivate: isEmailPrivate, isVerified: isEmailVerified)
       }
       
+      // do not continue if `email` is missing
+      guard let email else {
+        rejectSignIn(with: .missingEmail)
+        return
+      }
+      
+      // do not continue if `expiresAt` is missing
+      guard let expiresAt = jwt?.expiresAt else {
+        rejectSignIn(with: .missingExpiration)
+        return
+      }
+      
       let response = Response(userId: credential.user,
                               token: identityTokenString,
                               name: credential.displayName,
                               email: email,
-                              expiresAt: jwt?.expiresAt)
+                              expiresAt: expiresAt)
       
       processingPromise?.resolve(with: response)
     case _:
@@ -139,6 +151,8 @@ public extension AppleAuthenticator {
     case invalidIdentityToken
     case unhandledAuthorization
     case credentialsRevoked
+    case missingExpiration
+    case missingEmail
   }
 }