Skip to content

Commit

Permalink
[Enhancement] Add EmailVerified field for Apple's ID token (#558)
Browse files Browse the repository at this point in the history
* [Enhancement] Add EmailVerified field for Apple's ID token

* [Fix] Include "email_verified" field in Apple's unit test case.

* [Fix] Add missing BooleanString validation in TestIDTokenClaimsUnmarshal method

* [Fix] Fill up test payload
  • Loading branch information
althenlimzixuan authored May 21, 2024
1 parent eb002ea commit 260588e
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 3 deletions.
3 changes: 3 additions & 0 deletions providers/apple/session.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ type ID struct {
Sub string `json:"sub"`
Email string `json:"email"`
IsPrivateEmail bool `json:"is_private_email"`
EmailVerified bool `json:"email_verified"`
}

type Session struct {
Expand Down Expand Up @@ -52,6 +53,7 @@ type IDTokenClaims struct {
AuthTime int `json:"auth_time"`
Email string `json:"email"`
IsPrivateEmail BoolString `json:"is_private_email"`
EmailVerified BoolString `json:"email_verified,omitempty"`
}

func (s *Session) Authorize(provider goth.Provider, params goth.Params) (string, error) {
Expand Down Expand Up @@ -124,6 +126,7 @@ func (s *Session) Authorize(provider goth.Provider, params goth.Params) (string,
Sub: idToken.Claims.(*IDTokenClaims).Subject,
Email: idToken.Claims.(*IDTokenClaims).Email,
IsPrivateEmail: idToken.Claims.(*IDTokenClaims).IsPrivateEmail.Value(),
EmailVerified: idToken.Claims.(*IDTokenClaims).EmailVerified.Value(),
}
}

Expand Down
13 changes: 10 additions & 3 deletions providers/apple/session_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ func Test_ToJSON(t *testing.T) {
s := &Session{}

data := s.Marshal()
a.Equal(data, `{"AuthURL":"","AccessToken":"","RefreshToken":"","ExpiresAt":"0001-01-01T00:00:00Z","sub":"","email":"","is_private_email":false}`)
a.Equal(data, `{"AuthURL":"","AccessToken":"","RefreshToken":"","ExpiresAt":"0001-01-01T00:00:00Z","sub":"","email":"","is_private_email":false,"email_verified":false}`)
}

func Test_String(t *testing.T) {
Expand All @@ -59,23 +59,30 @@ func TestIDTokenClaimsUnmarshal(t *testing.T) {
}{
{
name: "'is_private_email' claim is a string",
idToken: `{"AuthURL":"","AccessToken":"","RefreshToken":"","ExpiresAt":"0001-01-01T00:00:00Z","sub":"","email":"test-email@privaterelay.appleid.com","is_private_email":"true"}`,
idToken: `{"AuthURL":"","AccessToken":"","RefreshToken":"","ExpiresAt":"0001-01-01T00:00:00Z","sub":"","email":"test-email@privaterelay.appleid.com","is_private_email":"true", "email_verified":"true"}`,
expectedClaims: IDTokenClaims{
Email: "test-email@privaterelay.appleid.com",
IsPrivateEmail: BoolString{
StringValue: "true",
},
EmailVerified: BoolString{
StringValue: "true",
},
},
},
{
name: "'is_private_email' claim is a boolean",
idToken: `{"AuthURL":"","AccessToken":"","RefreshToken":"","ExpiresAt":"0001-01-01T00:00:00Z","sub":"","email":"test-email@privaterelay.appleid.com","is_private_email":true}`,
idToken: `{"AuthURL":"","AccessToken":"","RefreshToken":"","ExpiresAt":"0001-01-01T00:00:00Z","sub":"","email":"test-email@privaterelay.appleid.com","is_private_email":true,"email_verified":true}`,
expectedClaims: IDTokenClaims{
Email: "test-email@privaterelay.appleid.com",
IsPrivateEmail: BoolString{
BoolValue: true,
IsValidBool: true,
},
EmailVerified: BoolString{
BoolValue: true,
IsValidBool: true,
},
},
},
}
Expand Down

0 comments on commit 260588e

Please sign in to comment.