5.1.1 Legal: Privacy - Data Collection and Storage
- Apps that offer Sign in with Apple should use the Sign in with Apple REST API to revoke user tokens.
Documentation for the REST API to revoke user tokens: https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens/
When I call it, I get "invalid_client" or "invalid_grant" in the error response. This is the code I am using:
// Flow as posted: build the client secret JWT, exchange the authorization
// code at the token endpoint, then call the revoke helper.
const client_secret = await getClientSecret();
// authToken() returns the refresh token on success, but on a failed request it
// returns the `error` field of the response body instead, so `token` has to be
// checked before it is treated as a token.
const token = await authToken(authCode,client_secret);
// NOTE(review): `refreshToken` is not defined anywhere in this snippet; the
// value returned by authToken() is held in `token`. Confirm which value is
// meant to be revoked. revokeToken() itself is not shown here.
await revokeToken(refreshToken, client_secret);
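/**
 * Exchanges a Sign in with Apple authorization code at the token endpoint and
 * returns the refresh token from the response.
 *
 * @param {string} authCode - Authorization code, sent as the `code` form field.
 * @param {string} client_secret - Client secret JWT (see getClientSecret).
 * @returns {Promise<string>} `refresh_token` from the response body on success.
 *   When the server answers with an error body, the body's `error` field is
 *   returned instead (the post mentions "invalid_client" and "invalid_grant").
 * @throws Rethrows the original request error when it carries no response body
 *   (for example a connection failure), instead of failing inside the handler.
 *
 * NOTE(review): Apple's documentation describes the authorization code as
 * single-use and short-lived, and the client_id has to be the one the code was
 * issued for; confirm both against the current docs when this returns
 * "invalid_grant".
 */
async function authToken(authCode, client_secret) {
  const tokenUrl = "https://appleid.apple.com/auth/token";
  const form = querystring.stringify({
    code: authCode,
    client_id: "****",
    client_secret,
    grant_type: "authorization_code",
  });

  try {
    const { data } = await axios.post(tokenUrl, form, {
      headers: { "Content-Type": "application/x-www-form-urlencoded" },
    });
    return data.refresh_token;
  } catch (err) {
    // Errors without a response body have no `error` field to read; surface
    // the real failure rather than a TypeError from the property access.
    if (!err.response || err.response.data == null) {
      throw err;
    }
    // The error code travels back through the same return value as the token,
    // so callers must compare the result with known error codes before using
    // it as a refresh token.
    return err.response.data.error;
  }
}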
/**
 * Builds the client secret: a JWT signed with ES256 using the private key read
 * from "key/path".
 *
 * The token is issued at the current time and expires 360000 seconds
 * (100 hours) later, with audience "https://appleid.apple.com". The "****" /
 * "***" values for `iss`, `sub` and `kid` are redacted placeholders in the
 * post.
 *
 * @returns {Promise<string>} Whatever `jwt.sign` returns for these claims.
 */
async function getClientSecret() {
  const nowInSeconds = () => Math.floor(Date.now() / 1000);

  // The signing key is loaded from disk on every call; the file should stay
  // out of source control and be readable only by the service account.
  const signingKey = fs.readFileSync("key/path");

  const claims = {
    iss: "****",
    iat: nowInSeconds(),
    exp: nowInSeconds() + 360000,
    aud: "https://appleid.apple.com",
    sub: "****",
  };
  const signOptions = {
    algorithm: "ES256",
    header: { alg: "ES256", kid: "***" },
  };

  return jwt.sign(claims, signingKey, signOptions);
}