# Apple Auth
Python library to implement Sign In with Apple in your Django backend.
## Table of Contents
- [💾 Installation](#-installation)
- [🍎 Apple docs](#-apple-docs)
- [📝 Configuration](#-configuration)
- [🚀 Usage](#-usage)
- [🤖 Endpoints](#-endpoints)
- [📜 Code Of Conduct](#code-of-conduct)
### 💾 Installation
To easily install or upgrade to the latest release, use pip.
```
$ pip install appleauth
```
### 🍎 Apple docs
From now on, some stuff is much better explained on the Apple docs, so when in doubt just check (if you haven't done so) the following documents:
- [Sign In With Apple](https://developer.apple.com/sign-in-with-apple/get-started/)
- [Request an authorization to the Sign in with Apple server](https://developer.apple.com/documentation/sign_in_with_apple/request_an_authorization_to_the_sign_in_with_apple_server)
- [Generate and validate tokens](https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens)
- [Revoke tokens](https://developer.apple.com/documentation/sign_in_with_apple/revoke_tokens)
### 📝 Configuration
To start using the lib, some Apple Keys needs to be generated:
- `client_id` (string)
- The identifier (App ID or Services ID) for your app. The identifier must not include your Team ID, to help prevent the possibility of exposing sensitive data to the end user.
- `client_secret` (string)
- A secret JSON Web Token, generated by the developer, that uses the Sign in with Apple private key associated with your developer account. Authorization code and refresh token validation requests require this parameter.
- `team_id` (string)
- Team ID of your developer account this can be found in your apple developer portal => identifier of your app => "App ID prefix".
- `key_id` (string)
- The Key ID of the p8 file.
### 🚀 Usage
You can install the library directly from PYPI using pip:
```bash
pip install appleauth
```
Edit your settings.py file and update `INSTALLED_APPS` and `APPLE_CONFIG` with the appropriate keys generated via Apple Developer Portal:
```python
INSTALLED_APPS = [
...,
"appleauth"
]
# Apple Config
APPLE_CONFIG = {
"APPLE_KEY_ID": "",
"APPLE_TEAM_ID": "",
"APPLE_CLIENT_ID": "",
"APPLE_PRIVATE_KEY": "",
"APPLE_REDIRECT_URL": "{{BASE URL}}/auth/apple/token", # https://127.0.0.1:8000/auth/apple/token
"APPLE_SCOPE": ["name", "email"],
"RESPONSE_HANDLER_CLASS": "users.services.AppleSignInResponseHandler",
}
```
NOTE:
- In the above config, `APPLE_REDIRECT_URL` is an endpoint which serves as a proxy to redirect the response of Apple server authorization to the `redirect_url` passed as query param while generating Authorization URL.
- The response of authorization by Apple is a `POST request` where auth `code` and `state` is sent in request body. This endpoint converts the request body data to query params and send it to the redirect URL.
Create Response Handler Class and update path in `APPLE_CONFIG`, In this example we are considering it to be in `/users/services/AppleSignInResponseHandler`
```python
from appleauth.services import AppleAuthResponseHandler
class AppleSignInResponseHandler(AppleAuthResponseHandler):
def handle_fetch_or_create_user(self, request, user_dict):
email = user_dict.get("email", None)
apple_id = user_dict.get("apple_id", None)
# Implement a method to handle user creation
user, is_created = get_or_create_user(email, apple_id)
context = {"is_created": is_created}
return user, context
def generate_response_json(self, user, extra_context):
# Implement a serializer to serialize user data
response = AuthUserSerializer(user, context=extra_context)
return response.data
```
NOTE:
- `AuthUserSerializer` used in above ref. could be created as per app's functionality and contain fields which needs to be sent in response of authorization.
- `get_or_create_user` method used in above code ref. could be created as per app's functionality.
Update Routes:
```python
from rest_framework.routers import DefaultRouter
from appleauth.apis import AppleAuthViewset
default_router = DefaultRouter(trailing_slash=False)
default_router.register("auth/apple", AppleAuthViewset, basename="apple-auth")
urlpatterns = [...] + default_router.urls
```
### 🤖 Endpoints
- Provides following APIs:
- [**Authorization URL API**](https://github.com/PrimedigitalGlobal/appleauth/blob/main/docs/endpoints.md#get-authorization-url)
- It generates Apple's `authorization-url` used to redirect to Apple's Authorization Server to request consent from resource owner.
- [**Authorize API**](https://github.com/PrimedigitalGlobal/appleauth/blob/main/docs/endpoints.md#authorize-user)
- Exchange authorization code for access token.
- Talk to resource server with access token and fetch user's profile information.
- [**Authorize IOS Token API**](https://github.com/PrimedigitalGlobal/appleauth/blob/main/docs/endpoints.md#authorize-ios-token)
- Verifies an ID Token issued by Apple's authorization server.
- Fetch user details from decoded token.
**NOTE:** This documentation changes frequently, checkout the [changelog](changelog.md) for detailed breaking changes and features added.
### Code of Conduct
In order to foster a kind, inclusive, and harassment-free community, we have a code of conduct, which can be found [here](CODE_OF_CONDUCT.md). We ask you to treat everyone as a smart human programmer that shares an interest in Python and Apple Pass Generator with you.
Raw data
{
"_id": null,
"home_page": "https://primedigitalglobal.github.io/appleauth",
"name": "appleauth",
"maintainer": "Vikalp Jain",
"docs_url": null,
"requires_python": ">=3.9,<4.0",
"maintainer_email": "vikalp@primedigital.tech",
"keywords": "apple signin,apple auth",
"author": "Primedigital Global",
"author_email": "oss@primedigital.tech",
"download_url": "https://files.pythonhosted.org/packages/e7/e1/999227c52ee6d58087b6d8d1f3d897a88f002524503fa2d8aeac2079a4fe/appleauth-0.0.1.tar.gz",
"platform": null,
"description": "# Apple Auth\n\nPython library to implement Sign In with Apple in your Django backend.\n\n## Table of Contents\n\n- [\ud83d\udcbe Installation](#-installation)\n- [\ud83c\udf4e Apple docs](#-apple-docs)\n- [\ud83d\udcdd Configuration](#-configuration)\n- [\ud83d\ude80 Usage](#-usage)\n- [\ud83e\udd16 Endpoints](#-endpoints)\n- [\ud83d\udcdc Code Of Conduct](#code-of-conduct)\n\n### \ud83d\udcbe Installation\n\nTo easily install or upgrade to the latest release, use pip.\n\n```\n$ pip install appleauth\n```\n\n### \ud83c\udf4e Apple docs\n\nFrom now on, some stuff is much better explained on the Apple docs, so when in doubt just check (if you haven't done so) the following documents:\n\n- [Sign In With Apple](https://developer.apple.com/sign-in-with-apple/get-started/)\n- [Request an authorization to the Sign in with Apple server](https://developer.apple.com/documentation/sign_in_with_apple/request_an_authorization_to_the_sign_in_with_apple_server)\n- [Generate and validate tokens](https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens)\n- [Revoke tokens](https://developer.apple.com/documentation/sign_in_with_apple/revoke_tokens)\n\n### \ud83d\udcdd Configuration\n\nTo start using the lib, some Apple Keys needs to be generated:\n\n- `client_id` (string)\n - The identifier (App ID or Services ID) for your app. The identifier must not include your Team ID, to help prevent the possibility of exposing sensitive data to the end user.\n- `client_secret` (string)\n - A secret JSON Web Token, generated by the developer, that uses the Sign in with Apple private key associated with your developer account. Authorization code and refresh token validation requests require this parameter.\n- `team_id` (string)\n - Team ID of your developer account this can be found in your apple developer portal => identifier of your app => \"App ID prefix\".\n- `key_id` (string)\n - The Key ID of the p8 file.\n\n### \ud83d\ude80 Usage\n\nYou can install the library directly from PYPI using pip:\n\n```bash\npip install appleauth\n```\n\nEdit your settings.py file and update `INSTALLED_APPS` and `APPLE_CONFIG` with the appropriate keys generated via Apple Developer Portal:\n\n```python\nINSTALLED_APPS = [\n ...,\n \"appleauth\"\n]\n\n# Apple Config\nAPPLE_CONFIG = {\n \"APPLE_KEY_ID\": \"\",\n \"APPLE_TEAM_ID\": \"\",\n \"APPLE_CLIENT_ID\": \"\",\n \"APPLE_PRIVATE_KEY\": \"\",\n \"APPLE_REDIRECT_URL\": \"{{BASE URL}}/auth/apple/token\", # https://127.0.0.1:8000/auth/apple/token\n \"APPLE_SCOPE\": [\"name\", \"email\"],\n \"RESPONSE_HANDLER_CLASS\": \"users.services.AppleSignInResponseHandler\",\n}\n```\n\nNOTE:\n\n- In the above config, `APPLE_REDIRECT_URL` is an endpoint which serves as a proxy to redirect the response of Apple server authorization to the `redirect_url` passed as query param while generating Authorization URL.\n- The response of authorization by Apple is a `POST request` where auth `code` and `state` is sent in request body. This endpoint converts the request body data to query params and send it to the redirect URL.\n\nCreate Response Handler Class and update path in `APPLE_CONFIG`, In this example we are considering it to be in `/users/services/AppleSignInResponseHandler`\n\n```python\nfrom appleauth.services import AppleAuthResponseHandler\n\nclass AppleSignInResponseHandler(AppleAuthResponseHandler):\n def handle_fetch_or_create_user(self, request, user_dict):\n email = user_dict.get(\"email\", None)\n apple_id = user_dict.get(\"apple_id\", None)\n\n # Implement a method to handle user creation\n user, is_created = get_or_create_user(email, apple_id)\n context = {\"is_created\": is_created}\n\n return user, context\n\n def generate_response_json(self, user, extra_context):\n\n # Implement a serializer to serialize user data\n response = AuthUserSerializer(user, context=extra_context)\n\n return response.data\n```\n\nNOTE:\n\n- `AuthUserSerializer` used in above ref. could be created as per app's functionality and contain fields which needs to be sent in response of authorization.\n- `get_or_create_user` method used in above code ref. could be created as per app's functionality.\n\nUpdate Routes:\n\n```python\nfrom rest_framework.routers import DefaultRouter\nfrom appleauth.apis import AppleAuthViewset\n\ndefault_router = DefaultRouter(trailing_slash=False)\n\ndefault_router.register(\"auth/apple\", AppleAuthViewset, basename=\"apple-auth\")\n\nurlpatterns = [...] + default_router.urls\n```\n\n### \ud83e\udd16 Endpoints\n\n- Provides following APIs:\n - [**Authorization URL API**](https://github.com/PrimedigitalGlobal/appleauth/blob/main/docs/endpoints.md#get-authorization-url)\n - It generates Apple's `authorization-url` used to redirect to Apple's Authorization Server to request consent from resource owner.\n - [**Authorize API**](https://github.com/PrimedigitalGlobal/appleauth/blob/main/docs/endpoints.md#authorize-user)\n - Exchange authorization code for access token.\n - Talk to resource server with access token and fetch user's profile information.\n - [**Authorize IOS Token API**](https://github.com/PrimedigitalGlobal/appleauth/blob/main/docs/endpoints.md#authorize-ios-token)\n - Verifies an ID Token issued by Apple's authorization server.\n - Fetch user details from decoded token.\n\n**NOTE:** This documentation changes frequently, checkout the [changelog](changelog.md) for detailed breaking changes and features added.\n\n### Code of Conduct\n\nIn order to foster a kind, inclusive, and harassment-free community, we have a code of conduct, which can be found [here](CODE_OF_CONDUCT.md). We ask you to treat everyone as a smart human programmer that shares an interest in Python and Apple Pass Generator with you.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Python library to implement Sign In with Apple in your Django backend.",
"version": "0.0.1",
"split_keywords": [
"apple signin",
"apple auth"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "e2fa48867f20454e681be17ce95adc7e91f39b956450ef7e917972a48aed59fe",
"md5": "91a110c3a046b5ff667a797821a39e5d",
"sha256": "c008c335ce8f3d1ef401c42742c7c2458db5ea2ed1e0c254db14dbb06a64112e"
},
"downloads": -1,
"filename": "appleauth-0.0.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "91a110c3a046b5ff667a797821a39e5d",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.9,<4.0",
"size": 9142,
"upload_time": "2023-01-10T07:27:01",
"upload_time_iso_8601": "2023-01-10T07:27:01.823922Z",
"url": "https://files.pythonhosted.org/packages/e2/fa/48867f20454e681be17ce95adc7e91f39b956450ef7e917972a48aed59fe/appleauth-0.0.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "e7e1999227c52ee6d58087b6d8d1f3d897a88f002524503fa2d8aeac2079a4fe",
"md5": "4aedc1e3d1610635acfe1650bc915dba",
"sha256": "a2dd1ebe6e640da2992f867b174a7cd1fe9562d5be62365f13eed82949326c63"
},
"downloads": -1,
"filename": "appleauth-0.0.1.tar.gz",
"has_sig": false,
"md5_digest": "4aedc1e3d1610635acfe1650bc915dba",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9,<4.0",
"size": 10123,
"upload_time": "2023-01-10T07:27:03",
"upload_time_iso_8601": "2023-01-10T07:27:03.199313Z",
"url": "https://files.pythonhosted.org/packages/e7/e1/999227c52ee6d58087b6d8d1f3d897a88f002524503fa2d8aeac2079a4fe/appleauth-0.0.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-01-10 07:27:03",
"github": false,
"gitlab": false,
"bitbucket": false,
"lcname": "appleauth"
}
JSON