Skip to content

Comments

feat(provider): add POST callback and id_token handling for OAuth2#245

Merged
thdxr merged 3 commits intoanomalyco:masterfrom
aryasaatvik:apple-auth-postform
Apr 9, 2025
Merged

feat(provider): add POST callback and id_token handling for OAuth2#245
thdxr merged 3 commits intoanomalyco:masterfrom
aryasaatvik:apple-auth-postform

Conversation

@aryasaatvik
Copy link
Contributor

@aryasaatvik aryasaatvik commented Apr 4, 2025
edited
Loading

resolves #82

  • Add form_post response_mode support for Apple Sign In
  • Implement POST callback route in OAuth2 provider
  • Add ID token verification using JWKS endpoint
  • Refactor callback logic to reduce duplication
  • Extract and expose decoded ID token claims

This change enables Apple Sign In with name and email scopes which requires form_post response mode and proper handling of the ID token.

@aryasaatvik
feat(provider): add POST callback and id_token handling for OAuth2
e3fe4dc 
- Add form_post response_mode support for Apple Sign In
- Implement POST callback route in OAuth2 provider
- Add ID token verification using JWKS endpoint
- Refactor callback logic to reduce duplication
- Extract and expose decoded ID token claims

This change enables Apple Sign In with name and email scopes which requires
form_post response mode and proper handling of the ID token.
@changeset-bot
Copy link

changeset-bot bot commented Apr 4, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: d2e081b

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@aryasaatvik aryasaatvik mentioned this pull request Apr 4, 2025
Closed
@aryasaatvik
rm comment
ef89483
@aryasaatvik
feat(provider): add JWKS endpoint for Google OAuth
d2e081b 
- Include JWKS endpoint for Google provider to support ID token verification.
aryasaatvik
aryasaatvik commented Apr 4, 2025
View reviewed changes
packages/openauth/src/provider/google.ts
endpoint: {
authorization: "https://accounts.google.com/o/oauth2/v2/auth",
token: "https://oauth2.googleapis.com/token",
jwks: "https://www.googleapis.com/oauth2/v3/certs",
Copy link
Contributor Author

@aryasaatvik aryasaatvik Apr 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

google also returns an id token. this allows decoding it in tokenset

@aryasaatvik
Copy link
Contributor Author

aryasaatvik commented Apr 4, 2025

probably should just be using oidc instead of adding id token support in oauth. but apple auth support is broken in both oauth and oidc.

  • oidc needs to support auth code flow
  • oauth needs to support POST /callback

@thdxr thdxr merged commit 07cee2b into anomalyco:master Apr 9, 2025
1 of 2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Support response_mode=form_post for Apple adapter

2 participants

@aryasaatvik @thdxr