mirror of
https://github.com/stack-auth/stack.git
synced 2026-06-13 21:01:21 +08:00
c8694c7ff5
### Summary of Changes Previously, on the Swift SDK, the `signInWithOAuth` function wasn't working. In this PR, we fix it by having the `getOAuthUrl` function to actually redirect correctly. Note that to do so, we updated the `validRedirectUrl` check on the backend to accept app native redirects (from our new trusted url scheme). Another thing to note is that we added functionality to the `TokenStore` abstraction to conditionally refresh the access token that the user is trying to fetch if it is expired/close to expiring if possible. `getOAuthUrl` will attempt to get a valid access token, and thus will rely on our algorithm documented in `utilities.md`. The specs serve as the source of truth. We go further and implement Apple Native sign in. To do so, we have it hit a new route on the backend and verify the `jwtToken` retrieved by the sdk against an Apple-provided set of `jwks`. We use jose to do so, in line with the rest of the codebase. We take this opportunity to refactor the oauth provider route owing to the amount of duplicated logic. Additionally, to enable the apple sign in, users will have to update the Apple authentication method modal on the dashboard and add accepted bundle ids. These are identifiers for projects, and we will check the `JWT` on the backend to make sure the audience is set to an accepted bundleId. We also update the Apple modal to be more informative. ### Using the new Features To use the Apple native sign in, users will have to 1) sign up with an apple developer account, 2) set up their bundleids for their projects by connecting them to the apple developer account, 3) update the Stack-Auth Authentication Methods dashboard apple modal with the relevant fields. Then, trying to sign in with apple with our Swift SDK will use the apple native sign in. ### UI Changes Renamed the fields in the apple modal. Added a new field for bundle ids. See below. https://github.com/user-attachments/assets/0e760c0e-3198-4818-ac7f-4900d7a125bb Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
112 lines
2.8 KiB
Markdown
112 lines
2.8 KiB
Markdown
# Stack Auth macOS Example
|
|
|
|
A comprehensive macOS SwiftUI application for testing all Stack Auth SDK functions interactively.
|
|
|
|
## Prerequisites
|
|
|
|
- macOS 14.0+
|
|
- Swift 5.9+
|
|
- A running Stack Auth backend (default: `http://localhost:8102`)
|
|
|
|
## Running the Example
|
|
|
|
1. Start the Stack Auth backend:
|
|
```bash
|
|
cd /path/to/stack-2
|
|
pnpm run dev
|
|
```
|
|
|
|
2. Open and run the example:
|
|
```bash
|
|
cd Examples/StackAuthMacOS
|
|
swift run
|
|
```
|
|
|
|
Or open in Xcode:
|
|
```bash
|
|
open Package.swift
|
|
```
|
|
|
|
## Features
|
|
|
|
The example app provides a sidebar navigation with the following sections:
|
|
|
|
### Configuration
|
|
- **Settings**: Configure API base URL, project ID, and API keys
|
|
- **Logs**: View real-time logs of all SDK operations
|
|
|
|
### Client App Testing
|
|
- **Authentication**
|
|
- Sign up with email/password
|
|
- Sign in with credentials
|
|
- Sign in with wrong password (error testing)
|
|
- Sign out
|
|
- Get current user
|
|
- Get user (or throw)
|
|
|
|
- **User Management**
|
|
- Set display name
|
|
- Update client metadata
|
|
- Update password
|
|
- Get access/refresh tokens
|
|
- Get auth headers
|
|
- Get partial user from token
|
|
|
|
- **Teams**
|
|
- Create team
|
|
- List user's teams
|
|
- Get team by ID
|
|
- List team members
|
|
|
|
- **Contact Channels**
|
|
- List contact channels
|
|
|
|
- **OAuth**
|
|
- Generate OAuth URLs for Google, GitHub, Microsoft
|
|
- Test PKCE code generation
|
|
|
|
- **Tokens**
|
|
- Get access token (JWT format)
|
|
- Get refresh token
|
|
- Get auth headers
|
|
- Test different token stores
|
|
|
|
### Server App Testing
|
|
- **Server Users**
|
|
- Create user (basic and with all options)
|
|
- List users with pagination
|
|
- Get user by ID
|
|
- Delete user
|
|
|
|
- **Server Teams**
|
|
- Create team
|
|
- List all teams
|
|
- Add/remove users from teams
|
|
- List team users
|
|
- Delete team
|
|
|
|
- **Sessions**
|
|
- Create session (impersonation)
|
|
- Use session tokens with client app
|
|
|
|
## Default Configuration
|
|
|
|
The example is pre-configured for local development:
|
|
- Base URL: `http://localhost:8102`
|
|
- Project ID: `internal`
|
|
- Publishable Key: `this-publishable-client-key-is-for-local-development-only`
|
|
- Secret Key: `this-secret-server-key-is-for-local-development-only`
|
|
|
|
## SDK Functions Covered
|
|
|
|
| Category | Functions |
|
|
|----------|-----------|
|
|
| Auth | signUpWithCredential, signInWithCredential, signOut, getUser, getOAuthUrl |
|
|
| User | setDisplayName, update (metadata), updatePassword, getAccessToken, getRefreshToken, getAuthHeaders, getPartialUser |
|
|
| Teams | createTeam, listTeams, getTeam, listUsers (team members) |
|
|
| Contact | listContactChannels |
|
|
| Server Users | createUser, listUsers, getUser, delete, update (metadata, password) |
|
|
| Server Teams | createTeam, listTeams, getTeam, addUser, removeUser, listUsers, delete |
|
|
| Sessions | createSession |
|
|
| Errors | EmailPasswordMismatchError, UserNotSignedInError, PasswordConfirmationMismatchError |
|