/// <inheritdoc />
        protected override async Task<AuthenticationTicket> CreateTicketAsync(
            [NotNull] ClaimsIdentity identity,
            [NotNull] AuthenticationProperties properties,
            [NotNull] OAuthTokenResponse tokens)
        {
            // The ID token is read straight out of the token endpoint's JSON response.
            var responseRoot = tokens.Response.RootElement;
            string idToken = responseRoot.GetString("id_token");

            Logger.LogInformation("Creating ticket for Sign in with Apple.");

            // SECURITY: the statements below write bearer credentials (access token,
            // refresh token, ID token and the raw token response) to the log sink.
            // They only run when Trace is enabled, so Trace should stay off outside
            // of debugging, and any sink that receives it holds live secrets.
            if (Logger.IsEnabled(LogLevel.Trace))
            {
                Logger.LogTrace("Access Token: {AccessToken}", tokens.AccessToken);
                Logger.LogTrace("Refresh Token: {RefreshToken}", tokens.RefreshToken);
                Logger.LogTrace("Token Type: {TokenType}", tokens.TokenType);
                Logger.LogTrace("Expires In: {ExpiresIn}", tokens.ExpiresIn);
                Logger.LogTrace("Response: {TokenResponse}", responseRoot);
                Logger.LogTrace("ID Token: {IdToken}", idToken);
            }

            // Without an ID token there is nothing to build the identity from.
            if (string.IsNullOrWhiteSpace(idToken))
            {
                throw new InvalidOperationException("No Apple ID token was returned in the OAuth token response.");
            }

            // Validation is opt-in through Options.ValidateTokens. The event returns no
            // result that is inspected here, so a rejected token presumably surfaces as
            // an exception from the event (confirm against the validator in use).
            // NOTE(review): when ValidateTokens is false, the claims added below come from
            // a token that nothing in this method has checked.
            if (Options.ValidateTokens)
            {
                var validationContext = new AppleValidateIdTokenContext(Context, Scheme, Options, idToken);
                await Options.Events.ValidateIdToken(validationContext);
            }

            // Copy every claim carried by the ID token onto the identity being built.
            foreach (var claim in ExtractClaimsFromToken(idToken))
            {
                identity.AddClaim(claim);
            }

            var ticketContext = new OAuthCreatingTicketContext(
                new ClaimsPrincipal(identity),
                properties,
                Context,
                Scheme,
                Options,
                Backchannel,
                tokens,
                responseRoot);

            ticketContext.RunClaimActions();

            // Give the application a chance to adjust the principal or properties.
            await Options.Events.CreatingTicket(ticketContext);

            return new AuthenticationTicket(ticketContext.Principal, ticketContext.Properties, Scheme.Name);
        }
 /// <summary>
 /// Loads the public key material used for Sign in with Apple as an asynchronous operation.
 /// </summary>
 /// <param name="context">The ID token validation context the key material is being loaded for.</param>
 /// <returns>
 /// A <see cref="Task{TResult}"/> representing the asynchronous operation
 /// to get the raw bytes of the public key to use for Sign in with Apple.
 /// </returns>
 /// <remarks>
 /// The encoding of the returned bytes is not specified by this declaration; the plural
 /// method name suggests a serialized set of keys rather than a single key (to be confirmed
 /// against the implementations). The result is presumably what ID token signatures are
 /// checked against, so implementations should obtain it only from a source they
 /// authenticate, and should fail rather than return empty data.
 /// </remarks>
 public abstract Task <byte[]> LoadPublicKeysAsync(AppleValidateIdTokenContext context);
 /// <summary>
 /// Called when an Apple ID token has to be validated; forwards the call to
 /// <c>OnValidateIdToken</c> and awaits its completion.
 /// </summary>
 /// <param name="context">Carries the ID token to validate and the related request information.</param>
 /// <returns>
 /// A <see cref="Task"/> that completes once the validation callback has finished.
 /// </returns>
 /// <remarks>
 /// No result is returned, so a callback that wants to reject a token presumably has to throw
 /// (confirm against the callers). An override or replacement callback that returns without
 /// checking the token leaves it unvalidated.
 /// </remarks>
 public virtual async Task ValidateIdToken([NotNull] AppleValidateIdTokenContext context)
 {
     await OnValidateIdToken(context);
 }
 /// <summary>
 /// Validates the Apple ID token associated with the specified context as an asynchronous operation.
 /// </summary>
 /// <param name="context">The context to validate the ID token for.</param>
 /// <returns>
 /// A <see cref="Task"/> representing the asynchronous operation to validate the ID token.
 /// </returns>
 /// <remarks>
 /// The return type carries no result, so how a rejected token is reported is not visible in
 /// this declaration; presumably the implementation throws (confirm against the implementations).
 /// A complete ID token check normally covers signature, issuer, audience and expiry; which of
 /// these a given implementation performs cannot be seen here.
 /// </remarks>
 public abstract Task ValidateAsync(AppleValidateIdTokenContext context);