CodeCow/stack
1
0
Fork 0
mirror of https://github.com/stack-auth/stack.git synced 2026-06-04 21:04:37 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
866e618a20
stack/sdks/implementations/swift/Examples/StackAuthMacOS
History
Aman Ganapathy c8694c7ff5
[Fix] [Feat] Update OAuth Sign-In and Get Token Functions to Work (#1130) 
### Summary of Changes

Previously, on the Swift SDK, the `signInWithOAuth` function wasn't
working. In this PR, we fix it by having the `getOAuthUrl` function to
actually redirect correctly. Note that to do so, we updated the
`validRedirectUrl` check on the backend to accept app native redirects
(from our new trusted url scheme). Another thing to note is that we
added functionality to the `TokenStore` abstraction to conditionally
refresh the access token that the user is trying to fetch if it is
expired/close to expiring if possible. `getOAuthUrl` will attempt to get
a valid access token, and thus will rely on our algorithm documented in
`utilities.md`.

The specs serve as the source of truth.

We go further and implement Apple Native sign in. To do so, we have it
hit a new route on the backend and verify the `jwtToken` retrieved by
the sdk against an Apple-provided set of `jwks`. We use jose to do so,
in line with the rest of the codebase.

We take this opportunity to refactor the oauth provider route owing to
the amount of duplicated logic. Additionally, to enable the apple sign
in, users will have to update the Apple authentication method modal on
the dashboard and add accepted bundle ids. These are identifiers for
projects, and we will check the `JWT` on the backend to make sure the
audience is set to an accepted bundleId.

We also update the Apple modal to be more informative.

### Using the new Features

To use the Apple native sign in, users will have to 1) sign up with an
apple developer account, 2) set up their bundleids for their projects by
connecting them to the apple developer account, 3) update the Stack-Auth
Authentication Methods dashboard apple modal with the relevant fields.
Then, trying to sign in with apple with our Swift SDK will use the apple
native sign in.

### UI Changes

Renamed the fields in the apple modal. Added a new field for bundle ids.
See below.


https://github.com/user-attachments/assets/0e760c0e-3198-4818-ac7f-4900d7a125bb



Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
2026-01-28 02:17:27 +00:00
..
StackAuthMacOS [Fix] [Feat] Update OAuth Sign-In and Get Token Functions to Work (#1130) 2026-01-28 02:17:27 +00:00
Package.resolved [Fix] [Feat] Update OAuth Sign-In and Get Token Functions to Work (#1130) 2026-01-28 02:17:27 +00:00
Package.swift [Fix] [Feat] Update OAuth Sign-In and Get Token Functions to Work (#1130) 2026-01-28 02:17:27 +00:00
README.md [Fix] [Feat] Update OAuth Sign-In and Get Token Functions to Work (#1130) 2026-01-28 02:17:27 +00:00

README.md

Stack Auth macOS Example

A comprehensive macOS SwiftUI application for testing all Stack Auth SDK functions interactively.

Prerequisites

  • macOS 14.0+
  • Swift 5.9+
  • A running Stack Auth backend (default: http://localhost:8102)

Running the Example

  1. Start the Stack Auth backend:

    cd /path/to/stack-2
pnpm run dev

  2. Open and run the example:

    cd Examples/StackAuthMacOS
swift run

    Or open in Xcode:

    open Package.swift

Features

The example app provides a sidebar navigation with the following sections:

Configuration

  • Settings: Configure API base URL, project ID, and API keys
  • Logs: View real-time logs of all SDK operations

Client App Testing

  • Authentication

    • Sign up with email/password
    • Sign in with credentials
    • Sign in with wrong password (error testing)
    • Sign out
    • Get current user
    • Get user (or throw)

  • User Management

    • Set display name
    • Update client metadata
    • Update password
    • Get access/refresh tokens
    • Get auth headers
    • Get partial user from token

  • Teams

    • Create team
    • List user's teams
    • Get team by ID
    • List team members

  • Contact Channels

    • List contact channels

  • OAuth

    • Generate OAuth URLs for Google, GitHub, Microsoft
    • Test PKCE code generation

  • Tokens

    • Get access token (JWT format)
    • Get refresh token
    • Get auth headers
    • Test different token stores

Server App Testing

  • Server Users

    • Create user (basic and with all options)
    • List users with pagination
    • Get user by ID
    • Delete user

  • Server Teams

    • Create team
    • List all teams
    • Add/remove users from teams
    • List team users
    • Delete team

  • Sessions

    • Create session (impersonation)
    • Use session tokens with client app

Default Configuration

The example is pre-configured for local development:

  • Base URL: http://localhost:8102
  • Project ID: internal
  • Publishable Key: this-publishable-client-key-is-for-local-development-only
  • Secret Key: this-secret-server-key-is-for-local-development-only

SDK Functions Covered

Category Functions
Auth signUpWithCredential, signInWithCredential, signOut, getUser, getOAuthUrl
User setDisplayName, update (metadata), updatePassword, getAccessToken, getRefreshToken, getAuthHeaders, getPartialUser
Teams createTeam, listTeams, getTeam, listUsers (team members)
Contact listContactChannels
Server Users createUser, listUsers, getUser, delete, update (metadata, password)
Server Teams createTeam, listTeams, getTeam, addUser, removeUser, listUsers, delete
Sessions createSession
Errors EmailPasswordMismatchError, UserNotSignedInError, PasswordConfirmationMismatchError