Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing full name using Sign in with Apple #133

Open
borgoat opened this issue Dec 16, 2024 · 0 comments
Open

Missing full name using Sign in with Apple #133

borgoat opened this issue Dec 16, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@borgoat
Copy link

borgoat commented Dec 16, 2024

Bug report

Describe the bug

When authenticating via Sign in with Apple, despite the full name scope being set, the created user is missing the full name claim.

This works when signing in with Google instead.

Fundamentally, the difference seems to be that Google (correctly) provides the full name as part of the ID token. Apple, on the other hand, has its own custom return type AuthorizationCredentialAppleID which may contain a given and family name.

The current flow retrieves the ID token via the native modal, and then uses signInWithIdToken1 to create the user. If the data is not in the ID token, it just won't be available to the backend.

I found some previous discussion in #105 - where they reached the same conclusion as ourselves.

To Reproduce

SupaSocialsAuth must be configured as follows:

          SupaSocialsAuth(
            socialProviders: [OAuthProvider.apple],
            enableNativeAppleAuth: true,
            onSuccess: _onSuccess,
          ),

The Flutter app must be configured to use sign_in_with_apple2.

Deploy the app to iOS. Now you may attempt the Sign in with Apple flow.

Finally, go to Supabase, in the table view, and check auth.users. Under raw_user_meta_data it'll be a JSON object with claims coming from the ID token, confirm that the full name is not there.

To perform further tests, since Apple sends the full name only once per app, on iOS:

  • Go to Settings > Apple Account3 > Sign in with Apple
  • If the app is there, it means a previous sign in was performed - the full name won't be provided again - tap on it
  • Tap Delete > Stop Using

Expected behavior

I would expect the user name to be available in Supabase Auth.

System information

  • OS: iOS (macOS too, I think)
  • Browser (if applies): I'm not sure how to fix it here, as a "plain OAuth" flow is used, with browser redirection

Additional context

We have a proposed fix in our fork4, I'm happy to contribute this in its own branch if you'd like to upstream this specific fix.

Our proposal is to add a call to updateUser5 if a given and/or family name are provided.

Footnotes

  1. https://supabase.com/docs/reference/dart/auth-signinwithidtoken

  2. https://pub.dev/packages/sign_in_with_apple

  3. This is the very first entry in the settings app, the one referring to your Apple ID

  4. https://github.com/supabase-community/flutter-auth-ui/commit/ae08034a859fa4c44897b259c6d1a8dfcb7ab013#diff-d913ee46f46e1f3c9eea9b13af4b7b5c698acf1eac4e9fb7b898bf57e944e9bd

  5. https://supabase.com/docs/reference/dart/auth-updateuser

@borgoat borgoat added the bug Something isn't working label Dec 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@borgoat