Search code examples
javascriptnode.jsparse-platformparse-serverapple-sign-in

How to handle the apple callback in Parse Server

I have the Sign in with apple working to the point that I'm signed in with apple and apple redirects with a Post request to my server.

I set up the following express post handler:

app.post('/apple-callback', async function (req, res) {
    let data = req.body.id_token
    let buff = Buffer.from(data.split('.')[1], 'base64')
    let text = buff.toString('utf8')
    let json = JSON.parse(text)
    try {
        let currentUser = await Parse.User.logInWith('apple', {
            'authData':{
                'id': json.sub,
                'token': data
            } 
        })

        console.info(currentUser)
    } catch (error) {
        console.error(error)
    }

    res.json({
        'fissa': req.body,
        'state': req.body.state,
        'code': req.body.code,
        'idToken': req.body.id_token,
        json,
        sub: json.sub
    })
})

but I get the following error:

Feb 25, 2020, 15:56:39 +01:00- ERROR
Uncaught internal server error. { JsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7) name: 'JsonWebTokenError', message: 'invalid signature' } JsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7)
Feb 25, 2020, 15:56:39 +01:00- ERROR
JsonWebTokenError: invalid signatureJsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7)
Feb 25, 2020, 15:56:39 +01:00- ERROR
Uncaught internal server error. { JsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7) name: 'JsonWebTokenError', message: 'invalid signature' } JsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7)
Feb 25, 2020, 15:56:39 +01:00- ERROR
JsonWebTokenError: invalid signatureJsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7)
Feb 25, 2020, 15:56:39 +01:00- ERROR
Uncaught internal server error. { JsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7) name: 'JsonWebTokenError', message: 'invalid signature' } JsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7)
Feb 25, 2020, 15:56:39 +01:00- ERROR
JsonWebTokenError: invalid signatureJsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7)
Feb 25, 2020, 15:56:39 +01:00- ERROR
Uncaught internal server error. { JsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7) name: 'JsonWebTokenError', message: 'invalid signature' } JsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7)
Feb 25, 2020, 15:56:39 +01:00- ERROR
JsonWebTokenError: invalid signatureJsonWebTokenError: invalid signature
    at /opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:133:19
    at getSecret (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:90:14)
    at Object.module.exports [as verify] (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/node_modules/jsonwebtoken/verify.js:94:10)
    at verifyIdToken (/opt/app-root/src/node_modules/sashido-parse-server-apple-auth-adapter/index.js:43:25)
    at process._tickCallback (internal/process/next_tick.js:68:7)

Any suggestions?

This is how far I got with parse docs and some trial and error.

But I don't know how to fix the errors and get a valid parse user.

Solution

  • So it turned out there was a bug in parse-server, apple started hosting more than one public key (so the key did not always match with the signed jwt), which was not supported by the authentication adapter. By now, the fix is merged into master and will be shipped with the next release, at which point the code I used in my question works.

    fyi: https://github.com/parse-community/parse-server/issues/6496