iOS 实现苹果第三方登录注意事项

1.引入framework

AuthenticationServices.framework
iOS 实现苹果第三方登录注意事项_第1张图片

2.添加能力

Sign in with Apple
iOS 实现苹果第三方登录注意事项_第2张图片

3.代码部分 object c 实现

#import 
#import 

@class RootViewController;

@interface AppController : NSObject <UIApplicationDelegate, ASAuthorizationControllerDelegate, ASAuthorizationControllerPresentationContextProviding>
{
    
}

@property(nonatomic, readonly) RootViewController* viewController;

+ (AppController*)ins;
+ (void)setIns:(AppController*)ins;

@end
static AppController* _ins;

+ (AppController*)ins {
    return _ins;
}

+ (void)setIns:(AppController*)ins {
    _ins = ins;
}

+ (void)loginApple {
    NSLog(@"ios登陆开始");
    ASAuthorizationAppleIDProvider *provider = [[ASAuthorizationAppleIDProvider alloc] init];
    ASAuthorizationAppleIDRequest *request = [provider createRequest];
    request.requestedScopes = @[ASAuthorizationScopeFullName, ASAuthorizationScopeEmail];
    ASAuthorizationController *vc = [[ASAuthorizationController alloc] initWithAuthorizationRequests:@[request]];
    vc.delegate = [AppController ins];
    vc.presentationContextProvider = [AppController ins];
    [vc performRequests];
}

- (void)authorizationController:(ASAuthorizationController *)controller didCompleteWithAuthorization:(ASAuthorization *)authorization NS_SWIFT_NAME(authorizationController(controller:didCompleteWithAuthorization:)) API_AVAILABLE(ios(13.0)) {
    if ([authorization.credential isKindOfClass:[ASAuthorizationAppleIDCredential class]]) {
        ASAuthorizationAppleIDCredential *credential = authorization.credential;
        
        NSLog(@"credential = %@", credential);
        
        NSString *state = credential.state;
        NSString *userID = credential.user;
        NSPersonNameComponents *fullName = credential.fullName;
        NSString *email = credential.email;
        NSString *authorizationCode = [[NSString alloc] initWithData:credential.authorizationCode encoding:NSUTF8StringEncoding]; // 验证 token
        NSString *identityToken = [[NSString alloc] initWithData:credential.identityToken encoding:NSUTF8StringEncoding]; // 用户 token
        ASUserDetectionStatus realUserStatus = credential.realUserStatus;
        NSArray *authorizedScopes = credential.authorizedScopes;
        
        NSLog(@"ios登陆成功 state: %@\nuserID: %@\nfullName: %@\nemail: %@\nauthorizationCode: %@\nidentityToken: %@\nrealUserStatus: %@\nauthorizedScopes: %@",
              state,
              userID,
              fullName,
              email,
              authorizationCode,
              identityToken,
              @(realUserStatus),
              authorizedScopes);
    }
}

- (void)authorizationController:(ASAuthorizationController *)controller didCompleteWithError:(NSError *)error  NS_SWIFT_NAME(authorizationController(controller:didCompleteWithError:)) API_AVAILABLE(ios(13.0)) {
    NSString *errorMsg = nil;
    switch (error.code) {
        case ASAuthorizationErrorCanceled:
            errorMsg = @"用户取消了授权请求";
            break;
        case ASAuthorizationErrorFailed:
            errorMsg = @"授权请求失败";
            break;
        case ASAuthorizationErrorInvalidResponse:
            errorMsg = @"授权请求响应无效";
            break;
        case ASAuthorizationErrorNotHandled:
            errorMsg = @"未能处理授权请求";
            break;
        case ASAuthorizationErrorUnknown:
            errorMsg = @"授权请求失败未知原因";
            break;
    }
    
    NSLog(@"ios登陆错误 error %@", errorMsg);
}

- (ASPresentationAnchor)presentationAnchorForAuthorizationController:(ASAuthorizationController *)controller API_AVAILABLE(ios(13.0)) {
    return self.window;
}

4.后段验证

苹果验证接口:https://appleid.apple.com/auth/token
必传参数
client_id:app的 bundle identifier
code:手机端获取到的 authorizationCode
grant_type:传入固定字符串 authorization_code
client_secret:秘钥

秘钥client_secret的生成
ruby代码如下 gen.rb

require "jwt"

key_file = "Path to the private key"
team_id = "Your Team ID"
client_id = "Your App Bundle ID"
key_id = "The Key ID of the private key"
validity_period = 180 # In days. Max 180 (6 months) according to Apple docs.

private_key = OpenSSL::PKey::EC.new IO.read key_file

token = JWT.encode(
  {
    iss: team_id,
    iat: Time.now.to_i,
    exp: Time.now.to_i + 86400 * validity_period,
    aud: "https://appleid.apple.com",
    sub: client_id
  },
  private_key,
  "ES256",
  header_fields=
  {
    kid: key_id 
  }
)
puts token

key_file:苹果开发者中心下载的.p8文件保存的路径
team_id:开发者账号的teamID
client_id:项目的bundleID
key_id:苹果开发者中心创建的keyID

ruby jwt 安装 gem install jwt
如何运行这个文件,ruby gen.rb

后段验证,需要在开发这账号中添加key,勾选Sign in with Apple,
iOS 实现苹果第三方登录注意事项_第3张图片
在配置中选择Apple ID
iOS 实现苹果第三方登录注意事项_第4张图片
点击下载,获取.p8文件,保存Key ID

你可能感兴趣的:(ios,经验分享)