如何找到 appleid.apple.com/auth/revoke 端点所需的 client_id 和 client_secret 值?
How can I find the desired client_id and client_secret values for the appleid.apple.com/auth/revoke endpoint?
我想在我的项目中为使用 Apple REST API 登录的用户使用帐户删除功能。 curl 请求中指定的 client_id 和 client_secret 值在我的 iOS 应用程序中对应什么值?
curl -v POST "https://appleid.apple.com/auth/revoke" \
-H 'content-type: application/x-www-form-urlencoded' \
-d 'client_id=CLIENT_ID' \
-d 'client_secret=CLIENT_SECRET' \
-d 'token=REFRESH_TOKEN' \
-d 'token_type_hint=refresh_token'
撤销link不会删除账户。它只是撤销您发送的令牌
文档告诉你每个部分是什么
https://developer.apple.com/documentation/sign_in_with_apple/revoke_tokens
client_id
string
(Required) The identifier (App ID or Services ID) for your app.
client_secret
string
(Required) A secret JSON Web Token (JWT) that uses the Sign in with Apple private key associated with your developer account.
客户端密钥的 JWT 将如下所示
{
"alg": "ES256", //The algorithm used to sign the token. For Sign in with Apple, use ES256.
"kid": "ABC123DEFG"//A 10-character key identifier generated for the Sign in with Apple private key associated with your developer account.
}
{
"iss": "DEF123GHIJ",// use your 10-character Team ID associated with your developer account.
"iat": 1437179036,//time at which you generated the client secret, in terms of the number of seconds since Epoch, in UTC.
"exp": 1493298100,//The expiration time registered claim identifies the time on or after which the client secret expires.
"aud": "https://appleid.apple.com",
"sub": "com.mytest.app" //use the same value as client_id. The value is case-sensitive.
}
https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens
上面 link 的底部为您提供了创建令牌所需的一切,您将需要第 3 方 api 对其进行签名。
所需的私钥不应包含在捆绑包中,这可能是没有太多 swift 相关文档的原因。
我想在我的项目中为使用 Apple REST API 登录的用户使用帐户删除功能。 curl 请求中指定的 client_id 和 client_secret 值在我的 iOS 应用程序中对应什么值?
curl -v POST "https://appleid.apple.com/auth/revoke" \
-H 'content-type: application/x-www-form-urlencoded' \
-d 'client_id=CLIENT_ID' \
-d 'client_secret=CLIENT_SECRET' \
-d 'token=REFRESH_TOKEN' \
-d 'token_type_hint=refresh_token'
撤销link不会删除账户。它只是撤销您发送的令牌
文档告诉你每个部分是什么 https://developer.apple.com/documentation/sign_in_with_apple/revoke_tokens
client_id string (Required) The identifier (App ID or Services ID) for your app.
client_secret string (Required) A secret JSON Web Token (JWT) that uses the Sign in with Apple private key associated with your developer account.
客户端密钥的 JWT 将如下所示
{
"alg": "ES256", //The algorithm used to sign the token. For Sign in with Apple, use ES256.
"kid": "ABC123DEFG"//A 10-character key identifier generated for the Sign in with Apple private key associated with your developer account.
}
{
"iss": "DEF123GHIJ",// use your 10-character Team ID associated with your developer account.
"iat": 1437179036,//time at which you generated the client secret, in terms of the number of seconds since Epoch, in UTC.
"exp": 1493298100,//The expiration time registered claim identifies the time on or after which the client secret expires.
"aud": "https://appleid.apple.com",
"sub": "com.mytest.app" //use the same value as client_id. The value is case-sensitive.
}
https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens
上面 link 的底部为您提供了创建令牌所需的一切,您将需要第 3 方 api 对其进行签名。
所需的私钥不应包含在捆绑包中,这可能是没有太多 swift 相关文档的原因。