@zeroparticle/nestjs-passport-apple
v2.0.3
Published
Apple strategy for Passport in Nestjs
Downloads
29
Maintainers
Readme
NestJS Passport Apple Strategy
This strategy integrates Apple login capabilities with NestJS's AuthGuard using Passport.
Forked from @arendajaelu/nestjs-passport-apple
Features
- Utilizes Apple's OAuth2.0 for user authentication
- Uses NestJS's AuthGuard for easy integration
- Provides strongly-typed Profile object
Installation
npm install @zeroparticle/nestjs-passport-apple
Usage
Strategy Setup
Here's a full example detailing all available options:
import { Injectable } from '@nestjs/common';
import { AuthGuard, PassportStrategy } from '@nestjs/passport';
import { Strategy, Profile } from '@zeroparticle/nestjs-passport-apple';
const APPLE_STRATEGY_NAME = 'apple';
@Injectable()
export class AppleStrategy extends PassportStrategy(Strategy, APPLE_STRATEGY_NAME) {
constructor() {
super({
clientID: process.env.APPLE_OAUTH_CLIENT_ID,
teamID: process.env.APPLE_TEAMID,
keyID: process.env.APPLE_KEYID,
key: process.env.APPLE_KEY_CONTENTS,
// OR
keyFilePath: process.env.APPLE_KEYFILE_PATH,
callbackURL: process.env.APPLE_OAUTH_CALLBACK_URL
scope: ['email', 'name'],
passReqToCallback: false,
});
}
async validate(_accessToken: string, _refreshToken: string, profile: Profile) {
return {
emailAddress: profile.email,
firstName: profile.name?.firstName || '',
lastName: profile.name?.lastName || '',
};
}
}
@Injectable()
export class AppleOAuthGuard extends AuthGuard(APPLE_STRATEGY_NAME) {}
Note: Make sure to add
AppleStrategy
to theproviders
array in your module.
Using Guard in Controller
import { Controller, Get, Post, Req, UseGuards } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger';
import { AppleOAuthGuard } from './strategies/apple.strategy';
@ApiTags('oauth')
@Controller('oauth')
export class OAuthController {
@Get('apple')
@UseGuards(AppleOAuthGuard)
async appleLogin() {}
@Post('apple/callback')
@UseGuards(AppleOAuthGuard)
async appleCallback(@Req() req) {
return req.user;
}
}
Strategy Options
clientID
: Apple OAuth2.0 Client IDteamID
: Apple Developer Team IDkeyID
: Apple Key IDkey
: Contents of the Apple Key. If you want the library to load the contents, usekeyFilePath
instead.keyFilePath
: File path to Apple Key; library will load content usingfs.readFileSync
authorizationURL
: (Optional) Authorization URL; default ishttps://appleid.apple.com/auth/authorize
tokenURL
: (Optional) Token URL; default ishttps://appleid.apple.com/auth/token
scope
: (Optional) An array of scopes, e.g.,['email', 'name']
sessionKey
: (Optional) Session Keystate
: (Optional) Should state parameter be usedpassReqToCallback
: (Optional) Should request be passed to thevalidate
callback; default isfalse
callbackURL
: (Optional) Callback URL
Validate Callback
The validate
callback is called after successful authentication and contains the accessToken
, refreshToken
, and profile
.
License
Licensed under MIT.