login success? but no info, no email or user name, just token

[Zvika88]

Installed the plugin with no errors and configured the backend, certificates etc. After sign in with Apple, I am getting an object with these properties: email, state, identityToken, fullName, user. However the email, state and fullName properties are empty. Only an identity token is provided.

Shouldn't there be some email address - whether one from apple or the user's , and some name?

email: ""
fullName: {nickname: "", phoneticRepresentation: {}, familyName: "", namePrefix: "", givenName: "", …}
identityToken: "eyJraWQiOiJBSURPUEsxIiwiYWxnIjoiUlMyNTYifQ.eyJpc3MiOiJodHRwczovL2FwcGxlaWQuYXBwbGUuY29tIiwiYXVkIjoiY29tLnBldHRpbmdjbHViLmFwcCIsImV4cCI6MTU3M…"

[patrickbussmann]

You get this informations only in the very first request.
So when you log in a second time you'll not get this informations again.

In the first request you'll get at least the givenName & familyName & email.
The email is also provided in the very first identityToken.

You can go to https://appleid.apple.com/account/manage
And then under "Apps which using Apple-ID" and then say at your App "Dont use it anymore".
Then you can log in again and you'll get the details.

👍

[Zvika88]

Thanks Patrick

[dminkovsky]

I'm having the opposite issue. For some reason this plugin treats every sign-in attempt as the first attempt. I am prompted for an name, email address, and then the callback gets all the info.

I checked the appleid.apple.com/account/manage, and the app is registered there.

What is the correct behavior? What can I do to make it not do that? Do I need to exchange the auth code with their servers or something?

[patrickbussmann]

@dminkovsky what do you mean?

In theory you're geting the authorizationCode which you send to your server. (with the other details as parameter)
And then you have all details.

But when now the user log in via the website - not the app / not the cordova plugin sign in with apple - then you're not getting the user first/last name and more details.

So I think its right when you get all via the plugin. But now check the sign in with Apple on a website and you'll not get the details.

On the App maybe the bahaviour has changed.

And maybe the behavior here changed, too.
64adebe
There was a scope change.

Maybe thats the reason.

[dminkovsky]

@patrickbussmann Sorry I was not clear. Let me explain better:

In the web version of my app, I implemented the Apple Sign In OAuth web flow, and in that version, the first time a user attempts to authenticate, they are presented with the option to specify a name and email (or to use the relay proxy). Then, after that, the fact that they've authenticated with my application is stored in their AppleID account, and subsequent authentications do not prompt them to specify a name and email address. They can forget my app by going to appleid.apple.com/account/manage, but otherwise they are only prompted for their password when they authorize.

In this native plugin, I am getting prompted for a name/email every time. It treats every authentication as the first time I've authenticated. Is there something I need to do for it to remember that the user has already authenticated with my app? I don't want to ask users their name/email every time they log in, just the first time.

[dminkovsky]

Added an SO question https://stackoverflow.com/q/63120021/741970 @paulw11 maybe you know?

[patrickbussmann]

Thats what I mean @dminkovsky.
You need to use the details which you're getting from the App.
https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/authenticating_users_with_sign_in_with_apple

When you did it your user is registrated and will not see the selector for name and email again.

Ah ok now I see you SO question.
You need the same backend on both sides. Webserver & Native App.
Only getting the authentication token is different. (native = via native call, website = via javscript/redirect)

[dminkovsky]

I'm sorry, I don't think I've communicated my question. Maybe it's clearer on SO?

In a nutshell: I don't want the user to be prompted for a name/email every time they authenticate. Only the first time.

• On the web, this works: they are only prompted the first time, unless they go to their AppleID account and forget my app.
• On iOS, they are prompted for a name/email every single time they authenticate.

[patrickbussmann]

I understand the problem 😉
Thats why I said: You need the same backend.

• On iOS, when you get the authorizationCode, you need to short-lived token used by your app for proof of authorization when interacting with the app’s server counterpart <- like written in the Readme

Look. This is an example code.

  window['cordova'].plugins['SignInWithApple'].signin(
    { requestedScopes: [0, 1] },
    response => {
      loginWith(response.authorizationCode).then(
        user => {
          // 'Login worked'
          resolve(user);
        },
        (error: ErrorResponse) => {
          reject(error);
        }
      );
    },
    error => {
      reject(error);
    }
  );

[dminkovsky]

@patrickbussmann,

Thank you, I am glad it makes sense!

It wasn't the backend though. It was something way more banal... I was using a simulator, and on the simulator, it's the undesired behavior I describe. On a real device, though: works as desired.

Sorry to bother, and thanks for helping me troubleshoot.