popov/mwitnessing
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

try new generated appleID secret

Browse Source
This commit is contained in:
Dobromir Popov
2024-04-17 00:57:34 +03:00
parent 6a04513359
commit d81b64b34d
6 changed files with 60 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.env
View File

@ -21,7 +21,7 @@ AZURE_AD_TENANT_ID=f69d1a93-bfba-498a-9b60-e87c1bc26276
# First APPLE_SECRET=eyJhbGciOiJFUzI1NiIsImtpZCI6IlRCM1YzNTVHNVkifQ.eyJhdWQiOiJodHRwczovL2FwcGxlaWQuYXBwbGUuY29tIiwiaXNzIjoiWEM1N1A5U1hESyIsImlhdCI6MTcxMjE3ODM0MiwiZXhwIjoxNzI3NzMwMzQzLCJzdWIiOiJjb20ubXdoaXRuZXNzaW5nLnNvZmlhIn0.XceA0qUQi0tXg0GM_LkJkpNU5AqXLiSB2JlEVbHCB_nINbQTWkjtoWxfqmvdOkIzwKtvdQ8FFb-crK9no9Bbbw # First APPLE_SECRET=eyJhbGciOiJFUzI1NiIsImtpZCI6IlRCM1YzNTVHNVkifQ.eyJhdWQiOiJodHRwczovL2FwcGxlaWQuYXBwbGUuY29tIiwiaXNzIjoiWEM1N1A5U1hESyIsImlhdCI6MTcxMjE3ODM0MiwiZXhwIjoxNzI3NzMwMzQzLCJzdWIiOiJjb20ubXdoaXRuZXNzaW5nLnNvZmlhIn0.XceA0qUQi0tXg0GM_LkJkpNU5AqXLiSB2JlEVbHCB_nINbQTWkjtoWxfqmvdOkIzwKtvdQ8FFb-crK9no9Bbbw
APPLE_APP_ID=com.mwhitnessing.sofia APPLE_APP_ID=com.mwhitnessing.sofia
APPLE_SECRET=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IiJ9.eyJpYXQiOjE3MTMyMDI1MzAsImV4cCI6MTcyODc1NDUzMCwiYXVkIjoiaHR0cHM6Ly9hcHBsZWlkLmFwcGxlLmNvbSIsImlzcyI6IiIsInN1YiI6IiJ9.C18A_ZBGcaHoGf8JPeQtdkLdWQqAqzCygWd6eD_S-X3OXw8ZWNXGtGAk5xEB9sui84OW60dNnH6ZGQMAtP5-hA APPLE_SECRET=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IlRCM1YzNTVHNVkifQ.eyJpYXQiOjE3MTMzMDQ1OTMsImV4cCI6MTcyODg1NjU5MywiYXVkIjoiaHR0cHM6Ly9hcHBsZWlkLmFwcGxlLmNvbSIsImlzcyI6IlhDNTdQOVNYREsiLCJzdWIiOiJjb20ubXdoaXRuZXNzaW5nLnNvZmlhIn0.iO2prjQ_4P7F17R7LTJfG9zHluj59uUtm8DA1LbK49jVBMeGHQP_Az7s_yU5D-GeMHSwU7VnVHcaVKiGWT_Yjg
# with team in the ID? # with team in the ID?
#APPLE_APP_ID=XC57P9SXDK.com.mwhitnessing.sofia #APPLE_APP_ID=XC57P9SXDK.com.mwhitnessing.sofia

2
.env.production
View File

@ -7,7 +7,7 @@ NEXT_PUBLIC_PUBLIC_URL= https://sofia.mwitnessing.com
NEXTAUTH_SECRET=1dd8a5457970d1dda50600be28e935ecc4513ff27c49c431849e6746f158d638 NEXTAUTH_SECRET=1dd8a5457970d1dda50600be28e935ecc4513ff27c49c431849e6746f158d638
# ? do we need to duplicate this? already defined in the deoployment yml file # ? do we need to duplicate this? already defined in the deoployment yml file
DATABASE=mysql://jwpwsofia:dwxhns9p9vp248V39xJyRthUsZ2gR9@mariadb:3306/jwpwsofia DATABASE=mysql://jwpwsofia:dwxhns9p9vp248V39xJyRthUsZ2gR9@mariadb:3306/jwpwsofia
# DATABASE=mysql://cart:cartpw@localhost:3306/cart
EMAIL_BYPASS_TO= EMAIL_BYPASS_TO=
MAILTRAP_HOST_BULK=bulk.smtp.mailtrap.io MAILTRAP_HOST_BULK=bulk.smtp.mailtrap.io

68
_deploy/setupAppleId.mjs
View File

@ -4,14 +4,14 @@ import { SignJWT } from "jose"
import { createPrivateKey } from "crypto" import { createPrivateKey } from "crypto"
if (process.argv.includes("--help") || process.argv.includes("-h")) { if (process.argv.includes("--help") || process.argv.includes("-h")) {
console.log(` console.log(`
Creates a JWT from the components found at Apple. Creates a JWT from the components found at Apple.
By default, the JWT has a 6 months expiry date. By default, the JWT has a 6 months expiry date.
Read more: https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens#3262048 Read more: https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens#3262048
Usage: Usage:
node apple.mjs [--kid] [--iss] [--private_key] [--sub] [--expires_in] [--exp] node apple.mjs [--kid] [--iss] [--private_key] [--sub] [--expires_in] [--exp]
APPLE_ID=com.mwhitnessing.sofia APPLE_APP_ID=com.mwhitnessing.sofia
APPLE_TEAM_ID=XC57P9SXDK APPLE_TEAM_ID=XC57P9SXDK
APPLE_KEY_ID=TB3V355G5Y APPLE_KEY_ID=TB3V355G5Y
APPLE_KEY APPLE_KEY
@ -37,45 +37,45 @@ eyJhbGciOiJFUzI1NiIsImtpZCI6IlRCM1YzNTVHNVkifQ.eyJhdWQiOiJodHRwczovL2FwcGxlaWQuY
--exp Future date in seconds when the JWT expires --exp Future date in seconds when the JWT expires
`) `)
} else { } else {
const args = process.argv.slice(2).reduce((acc, arg, i) => { const args = process.argv.slice(2).reduce((acc, arg, i) => {
if (arg.match(/^--\w/)) { if (arg.match(/^--\w/)) {
const key = arg.replace(/^--/, "").toLowerCase() const key = arg.replace(/^--/, "").toLowerCase()
acc[key] = process.argv[i + 3] acc[key] = process.argv[i + 3]
} }
return acc return acc
}, {}) }, {})
const { const {
team_id, team_id,
iss = team_id, iss = team_id,
private_key, private_key,
client_id, client_id,
sub = client_id, sub = client_id,
key_id, key_id,
kid = key_id, kid = key_id,
expires_in = 86400 * 180, expires_in = 86400 * 180,
exp = Math.ceil(Date.now() / 1000) + expires_in, exp = Math.ceil(Date.now() / 1000) + expires_in,
} = args } = args
/** /**
* How long is the secret valid in seconds. * How long is the secret valid in seconds.
* @default 15780000 * @default 15780000
*/ */
const expiresAt = Math.ceil(Date.now() / 1000) + expires_in const expiresAt = Math.ceil(Date.now() / 1000) + expires_in
const expirationTime = exp ?? expiresAt const expirationTime = exp ?? expiresAt
console.log(` console.log(`
Apple client secret generated. Valid until: ${new Date(expirationTime * 1000)} Apple client secret generated. Valid until: ${new Date(expirationTime * 1000)}
${await new SignJWT({}) ${await new SignJWT({})
.setAudience("https://appleid.apple.com") .setAudience("https://appleid.apple.com")
.setIssuer(iss) .setIssuer(iss)
.setIssuedAt() .setIssuedAt()
.setExpirationTime(expirationTime) .setExpirationTime(expirationTime)
.setSubject(sub) .setSubject(sub)
.setProtectedHeader({ alg: "ES256", kid }) .setProtectedHeader({ alg: "ES256", kid })
.sign(createPrivateKey(private_key.replace(/\\n/g, "\n")))}`) .sign(createPrivateKey(private_key.replace(/\\n/g, "\n")))}`)
} }

20
package-lock.json generated
View File

@ -4802,6 +4802,7 @@
"version": "3.1.0", "version": "3.1.0",
"resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz",
"integrity": "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==", "integrity": "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==",
"optional": true,
"dependencies": { "dependencies": {
"clean-stack": "^2.0.0", "clean-stack": "^2.0.0",
"indent-string": "^4.0.0" "indent-string": "^4.0.0"
@ -5771,6 +5772,7 @@
"url": "https://github.com/sponsors/sibiraj-s" "url": "https://github.com/sponsors/sibiraj-s"
} }
], ],
"optional": true,
"engines": { "engines": {
"node": ">=8" "node": ">=8"
} }
@ -5784,6 +5786,7 @@
"version": "2.2.0", "version": "2.2.0",
"resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz", "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz",
"integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==", "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==",
"optional": true,
"engines": { "engines": {
"node": ">=6" "node": ">=6"
} }
@ -8546,7 +8549,8 @@
"node_modules/hosted-git-info": { "node_modules/hosted-git-info": {
"version": "2.8.9", "version": "2.8.9",
"resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz", "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz",
"integrity": "sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw==" "integrity": "sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw==",
"optional": true
}, },
"node_modules/hsl-to-hex": { "node_modules/hsl-to-hex": {
"version": "1.0.0", "version": "1.0.0",
@ -8888,6 +8892,7 @@
"version": "4.0.0", "version": "4.0.0",
"resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz",
"integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==", "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==",
"optional": true,
"engines": { "engines": {
"node": ">=8" "node": ">=8"
} }
@ -8915,6 +8920,7 @@
"version": "2.0.0", "version": "2.0.0",
"resolved": "https://registry.npmjs.org/ini/-/ini-2.0.0.tgz", "resolved": "https://registry.npmjs.org/ini/-/ini-2.0.0.tgz",
"integrity": "sha512-7PnF4oN3CvZF23ADhA5wRaYEQpJ8qygSkbtTXWBeXWXmEVRXK+1ITciHWwHhsjv1TmW0MgacIv6hEi5pX5NQdA==", "integrity": "sha512-7PnF4oN3CvZF23ADhA5wRaYEQpJ8qygSkbtTXWBeXWXmEVRXK+1ITciHWwHhsjv1TmW0MgacIv6hEi5pX5NQdA==",
"optional": true,
"engines": { "engines": {
"node": ">=10" "node": ">=10"
} }
@ -10943,6 +10949,7 @@
"version": "2.5.0", "version": "2.5.0",
"resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz",
"integrity": "sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==", "integrity": "sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==",
"optional": true,
"dependencies": { "dependencies": {
"hosted-git-info": "^2.1.4", "hosted-git-info": "^2.1.4",
"resolve": "^1.10.0", "resolve": "^1.10.0",
@ -10954,6 +10961,7 @@
"version": "5.7.2", "version": "5.7.2",
"resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz", "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz",
"integrity": "sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==", "integrity": "sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==",
"optional": true,
"bin": { "bin": {
"semver": "bin/semver" "semver": "bin/semver"
} }
@ -13870,6 +13878,7 @@
"version": "4.0.0", "version": "4.0.0",
"resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz", "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz",
"integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==", "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==",
"optional": true,
"dependencies": { "dependencies": {
"aggregate-error": "^3.0.0" "aggregate-error": "^3.0.0"
}, },
@ -15871,6 +15880,7 @@
"version": "3.2.0", "version": "3.2.0",
"resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.2.0.tgz", "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.2.0.tgz",
"integrity": "sha512-kN9dJbvnySHULIluDHy32WHRUu3Og7B9sbY7tsFLctQkIqnMh3hErYgdMjTYuqmcXX+lK5T1lnUt3G7zNswmZA==", "integrity": "sha512-kN9dJbvnySHULIluDHy32WHRUu3Og7B9sbY7tsFLctQkIqnMh3hErYgdMjTYuqmcXX+lK5T1lnUt3G7zNswmZA==",
"optional": true,
"dependencies": { "dependencies": {
"spdx-expression-parse": "^3.0.0", "spdx-expression-parse": "^3.0.0",
"spdx-license-ids": "^3.0.0" "spdx-license-ids": "^3.0.0"
@ -15879,12 +15889,14 @@
"node_modules/spdx-exceptions": { "node_modules/spdx-exceptions": {
"version": "2.5.0", "version": "2.5.0",
"resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.5.0.tgz", "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.5.0.tgz",
"integrity": "sha512-PiU42r+xO4UbUS1buo3LPJkjlO7430Xn5SVAhdpzzsPHsjbYVflnnFdATgabnLude+Cqu25p6N+g2lw/PFsa4w==" "integrity": "sha512-PiU42r+xO4UbUS1buo3LPJkjlO7430Xn5SVAhdpzzsPHsjbYVflnnFdATgabnLude+Cqu25p6N+g2lw/PFsa4w==",
"optional": true
}, },
"node_modules/spdx-expression-parse": { "node_modules/spdx-expression-parse": {
"version": "3.0.1", "version": "3.0.1",
"resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz",
"integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==", "integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==",
"optional": true,
"dependencies": { "dependencies": {
"spdx-exceptions": "^2.1.0", "spdx-exceptions": "^2.1.0",
"spdx-license-ids": "^3.0.0" "spdx-license-ids": "^3.0.0"
@ -15893,7 +15905,8 @@
"node_modules/spdx-license-ids": { "node_modules/spdx-license-ids": {
"version": "3.0.17", "version": "3.0.17",
"resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.17.tgz", "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.17.tgz",
"integrity": "sha512-sh8PWc/ftMqAAdFiBu6Fy6JUOYjqDJBJvIhpfDMyHrr0Rbp5liZqd4TjtQ/RgfLjKFZb+LMx5hpml5qOWy0qvg==" "integrity": "sha512-sh8PWc/ftMqAAdFiBu6Fy6JUOYjqDJBJvIhpfDMyHrr0Rbp5liZqd4TjtQ/RgfLjKFZb+LMx5hpml5qOWy0qvg==",
"optional": true
}, },
"node_modules/ssf": { "node_modules/ssf": {
"version": "0.8.2", "version": "0.8.2",
@ -17442,6 +17455,7 @@
"version": "3.0.4", "version": "3.0.4",
"resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz",
"integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==", "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==",
"optional": true,
"dependencies": { "dependencies": {
"spdx-correct": "^3.0.0", "spdx-correct": "^3.0.0",
"spdx-expression-parse": "^3.0.0" "spdx-expression-parse": "^3.0.0"

10
pages/api/auth/apple-token.ts
View File

@ -9,17 +9,19 @@ export default async function handler(req, res) {
if (req.method === 'GET') { if (req.method === 'GET') {
try { try {
const appleKey = fs.readFileSync(path.resolve('./_deploy/appleKey.p8'), 'utf8'); const appleKey = fs.readFileSync(path.resolve('./_deploy/appleKey.p8'), 'utf8');
const teamID = process.env.APPLE_TEAM_ID || "XC57P9SXDK";
const keyID = process.env.APPLE_KEY_ID || "TB3V355G5Y";
const appleAppID = process.env.APPLE_APP_ID || "com.mwitnessing.mwitnessing";
const token = jwt.sign({}, appleKey, { const token = jwt.sign({}, appleKey, {
algorithm: 'ES256', algorithm: 'ES256',
expiresIn: '180d', expiresIn: '180d',
issuer: process.env.APPLE_TEAM_ID, issuer: teamID,
header: { header: {
alg: 'ES256', alg: 'ES256',
kid: process.env.APPLE_KEY_ID, kid: keyID,
}, },
audience: 'https://appleid.apple.com', audience: 'https://appleid.apple.com',
subject: process.env.APPLE_ID, subject: appleAppID,
}); });
// Redirect to Apple's authentication page, or send the token to the client to do so // Redirect to Apple's authentication page, or send the token to the client to do so

2
server.js
View File

@ -40,7 +40,7 @@ console.log("process.env.PORT = ", process.env.PORT);
console.log("process.env.TELEGRAM_BOT = ", process.env.TELEGRAM_BOT); console.log("process.env.TELEGRAM_BOT = ", process.env.TELEGRAM_BOT);
console.log("process.env.DATABASE_URL = ", process.env.DATABASE_URL); console.log("process.env.DATABASE_URL = ", process.env.DATABASE_URL);
console.log("process.env.DATABASE = ", process.env.DATABASE); console.log("process.env.DATABASE = ", process.env.DATABASE);
console.log("process.env.APPLE_ID = ", process.env.APPLE_ID); console.log("process.env.APPLE_APP_ID = ", process.env.APPLE_APP_ID);
//require('module-alias/register'); //require('module-alias/register');