https://github.com/Timothylock/go-signin-with-apple
A library for validating Apple Sign In tokens written in Golang
go get github.com/Timothylock/go-signin-with-apple
import "github.com/Timothylock/go-signin-with-apple/apple"
package main
import (
"context"
"fmt"
"github.com/Timothylock/go-signin-with-apple/apple"
)
var (
teamId = "ZTxxxxxxxxx"
keyId = "Kxxxxxxxx"
clientId = "xxxxxxx"
secret = `
-----BEGIN PRIVATE KEY-----
.........
-----END PRIVATE KEY-----
`
)
func main() {
code := "ca6ac72e1927943a18ec8096444efa397.0.nwsy.HUKFk8vMNz_oT3c2CL_432"
secret, err := apple.GenerateClientSecret(secret, teamId, clientId, keyId)
client := apple.New()
vReq := apple.AppValidationTokenRequest{
ClientID: clientId,
ClientSecret: secret,
Code: code,
}
var resp apple.ValidationResponse
err = client.VerifyAppToken(context.Background(), vReq, &resp)
if err != nil {
fmt.Println("error verifying: " + err.Error())
return
}
if resp.Error != "" {
fmt.Println("apple returned an error: " + resp.Error)
return
}
// Get the unique user ID
unique, err := apple.GetUniqueID(resp.IDToken)
if err != nil {
fmt.Println("failed to get unique ID: " + err.Error())
return
}
// Get the email
claim, err := apple.GetClaims(resp.IDToken)
if err != nil {
fmt.Println("failed to get claims: " + err.Error())
return
}
fmt.Println(*claim)
email := (*claim)["email"]
emailVerified := (*claim)["email_verified"]
isPrivateEmail := (*claim)["is_private_email"]
// Voila!
fmt.Println(unique)
fmt.Println(email)
fmt.Println(emailVerified)
fmt.Println(isPrivateEmail)
}
执行后的输出值
map[at_hash:4Y4bptil12uMvwgh0UdMVQ aud:xxxxxxxxxxx auth_time:1.590119285e+09 email:zhh8pm23sd@privaterelay.appleid.com email_verified:true exp:1.590119904e+09 iat:1.590119304e+09 is_private_email:true iss:https://appleid.apple.com nonce_supported:true sub:000628.125d78af9b9942d983d34b6c3d6d7eb9.024221]
000628.125d78af9b9942d983d34b6c3d6d7eb9.024221
zhh8pm23sd@privaterelay.appleid.com
true
true