SigninWithApple Events

SigninWithApple has the following events associated with it:

onSuccessCallback Event

An event callback is invoked by the platform when the user performs a sucsessfull authentication action using the Apple ID on the SigninWithApple widget button.

Once the user logs in with the Apple ID, we'll get a set of values that will help to store in the keychain.

Values collected	Description
User	Unique user-id
givenName	Name of user
familyName	User family Name
identityToken	The JSON Web Token (JWT) served to securely communicate user identity information to the app. The ID token, signed by Apple's ID provider, includes the following information: Issuer Identifier, Subject Identifier, Audience, Expiry Time and Issuance Time. Example: Email which is used for sign in
email	The email used for sign in.
authorizationCode	A short-lived, one-time valid token that provides proof of authorization for the server component of the app. The authorization code is connected to the specific transaction using the state attribute passed in the request for authorization. The application's server component will validate the code using the Apple identity service endpoint provided for this purpose.
authorizedScopes	This value will include a list of scopes for which authorization has been provided by the user. These could contain a subset of the scopes requested on @see ASAuthorizationAppleIDRequest. This value should be queried by the application to identify which scopes have been returned as it may differ from those requested.
Nonce	As per Apple, nonce value mitigates replay attacks and is present only if passed during the authorization request. We are passing nonce value by default during our authorisation request. The nonce value that is being passed as part of authorisation request is a hashed string which is generated from a 32 bit random string. When a sign in is performed an authorization response is returned by Apple. In this authorization response Apple provides IdentityToken (which is an embedded with nonce value if nonce is passed in authorization request). Once we decode IdentityToken using https://jwt.io/ we will get hashed value of nonce. As part of success call back, nonce is returned which is a random string. We should validate if the hashed value of nonce and hash value generated from this random string are same or not. If they are same this is a valid request else not a valid request. .
State	As per Apple, state value mitigates replay attacks and is present only if passed during the authorization request. We are passing state value by default during our authorisation request. The state value that is being passed as part of authorisation request which is generated from a 16 bit random string. When a sign in is performed an authorization response is returned by Apple. As part of success call back, state is returned which is a random string. In this authorization response Apple provides state as part of AppleIDCredential which is validated by framework and if validation fails failure call back gets called with an error “Invaid State”.

Syntax


onSuccessCallback ()

Type

Constant

Read/Write

Read Only

Example

Platform Availability

iOS 13 or later

onFailureCallback Event

An event onFailureCallback is invoked by the platform when the user fails a authentication action using the Apple ID on the SigninWithApple widget button.

The following table lists the Error codes that are displayed on the VoltMX Iris.

Error Codes	Failure Callback with enum Values	Description
1000	VoltMXSignInWithAppleAuthorizationErrorUnknown	The authorization attempt failed for an unknown reason.
1001	VoltMXSignInWithAppleAuthorizationErrorCanceled	The user canceled the authorization attempt.
1002	VoltMXSignInWithAppleAuthorizationErrorInvalidResponse	The authorization request received an invalid response.
1003	VoltMXSignInWithAppleAuthorizationErrorNotHandled	The authorization request wasn’t handled.
1004	VoltMXSignInWithAppleAuthorizationErrorFailed	The authorization attempt failed.