Sign In With Apple Module

Sign In With Apple Module

Sign In With Apple is a plugin for the zCart Multi-vendor platform. Use Sign in with Apple to allow users to set up an account and sign in to your apps and associated websites with their Apple ID.

Installation:

The installation process is the same as other zCart modules, please check this section for guidance.

Configurations:

You may need to configure multiple components for Sign in with Apple, from registering domains for Web Authentication to providing email sources to communicate with your users through the Private Email Relay service. We’ll do that in these steps:

  1. Create and enable App ID
  2. Create Service ID
  3. Create a Sign in with Apple private key
  4. Create your app’s client secret

You’ll need to use Certificates, Identifiers & Profiles to set up identifiers and keys in your Apple Developer account before you can implement Sign in with Apple. 

Click the + sign to create your App ID and Service ID.

  1. Create and enable an App ID:

Get started by enabling your app’s App ID with the Sign in with Apple capability. 

From your apple developer account section create an App ID with the following details:

Platform: iOS, macOS, tvOS, watchOS

Description: (something like “apple login app id”)

Bundle ID (Explicit): com.example.id (or something similar)

Check the ‘Sign In With Apple’ option and click the “Edit” button to edit the details.

If you’re enabling an App ID for the first time or for a new app, enable the App ID as a primary. You can use primary App IDs on their own or enable identifiers for related apps and websites through grouping. 

Server to Server Notification Endpoint: https://example.com/socialite/customer/apple/callback 

  1. Create a Service ID:

Create a service ID from the same panel.

with the following details:

Description: (something like “example.com service id”)

Identifier: com.example.service (or something similar)

Check “Sign In With Apple” and Click configure “Sign In With Apple”:

Primary App ID: (select the primary app ID you already created)

Domains and Subdomains: example.com 

Return URLs: https://example.com/socialite/customer/apple/callback

(Replace the example.com with your website domain)

Click “Next”.

Click the “Edit” button to edit the details of the “Sign In With Apple” configuration we just created.

Download the verification file, upload it to https://example.com/.well-known/apple-developer-domain-association.txt, and then click the “Verify” button.

  1. Create a Sign in with Apple private key:

To communicate with Sign in with Apple, you’ll use a private key to sign one or more developer tokens. On your apple developer account dashboard.

Click the ‘Keys’ section to create your private key.

with the following details:

Give the key a name. Check “Sign In With Apple” and configure “Sign In With Apple”

Primary App ID: (select the primary app id) and ‘Save’.

Click “Continue” and then Click “Register”

Download the key and store it in a secure place. 

Warning: Save this file in a secure place because the key is not saved in your developer account and you won’t be able to download it again. 

(If you lost the private key or suspect it was compromised, first create a new private key associated with the primary App ID. Then, after transitioning to the new key, revoke the old private key.)

Rename the downloaded file to key.txt

  1. Create your app’s client secret:

To create the secret key we need a JWT tool and the key.txt we got from apple. 

Install the JWT Gem: Run this common on your terminal.

sudo gem install jwt

Create a file called client_secret.rb with the content below to process the private key:

“““““““““““““““`

require ‘jwt’

key_file = ‘key.txt’

team_id = ”

client_id = ”

key_id = ”

ecdsa_key = OpenSSL::PKey::EC.new IO.read key_file

headers = {

‘kid’ => key_id

}

claims = {

    ‘iss’ => team_id,

    ‘iat’ => Time.now.to_i,

    ‘exp’ => Time.now.to_i + 86400*180,

    ‘aud’ => ‘https://appleid.apple.com’,

    ‘sub’ => client_id,

}

token = JWT.encode claims, ecdsa_key, ‘ES256’, headers

puts token

“““““““““““““““`

Fill in the following fields:

  • team_id: This can be found in the top-right corner when logged into your Apple Developer account, right under your name.
  • client_id: This is the identifier from the Service Id created in step 2 above, for example, com.example.service
  • key_id: This is the identifier of the private key created in step 3 above.

Save the file and run it from the terminal. 

ruby client_secret.rb

It will spit out a JWT which is your client secret, which you will need to add to your .env file in the next step.

Configure on zCart side:

When you’ve done all the configurations on the Apple side. Now adjust the .env configuration file.

APPLE_CLIENT_ID=

APPLE_CLIENT_SECRET=

Set APPLE_CLIENT_ID=com.example.id (service id as registered with Apple). Set the APPLE_CLIENT_SECRET=secret (your app’s client secret as calculated in the previous section)

Clear the config cache from admin settings or run the below command on terminal

php artisan config:clear;

Your site is ready to test the ‘Sign in With Apple’ option.

Was this page helpful?

Leave Comment