‘Sign in with Apple’ implementation

Hitesh Kumar

·

Follow

Published in

Mac O’Clock

·

4 min read

·

Apr 20, 2020

--

Listen

Share

In WWDC 2019, Apple has announced a new privacy-focused mechanism for users to sign in on a third-party app, named “Sign in with Apple” (SiwA). If your app currently allows user to sign in with third-party providers such as Facebook, Google, Twitter etc, you will also need to add a “Sign in with Apple” option for the user, failure to comply might result in rejection during App Review.

According to this Apple guide, existing apps in App Store have a deadline of June 2020(extended) to implement SiwA, and new app submitted to App Store (after September 2019) must implement SiwA if the app supports other third-party logins.

Starting today, new apps submitted to the App Store must follow these guidelines. Existing apps and app updates must follow them by April 2020.

And from App Store review guideline, your app does not need to implement SiwA if your app exclusively uses your company's own login system.

Sign in with Apple is not required if:

Your app exclusively uses your company’s own account setup and sign-in systems.

Your app is an education, enterprise, or business app that requires the user to sign in with an existing education or enterprise account.

Your app uses a government or industry-backed citizen identification system or electronic ID to authenticate users.

Your app is a client for a specific third-party service and users are required to sign in to their mail, social media, or other third-party account directly to access their content.

Enabling Sign In with Apple ID

There are two ways using which you can enable Sign In with Apple ID Capability.

Using Apple Developer Account

You can edit your App ID configurations in Certificates, Identifiers & Profiles.

Using Xcode

1. Open your Xcode Project.
2. Project Navigator→ Select Project → Select Target.
3. In Project Editor, Click Signing & Capabilities.
4. Add Capability by clicking the + button. Search for Sign In with Apple Capability in Capability Library.
5. Double-click the capability to add.

Sign In with Apple Entitlement

You need to add entitlement if you enable capability using apple developer account. If you configure capabilities using Xcode, Xcode manages the related entitlements so you don’t need to edit the entitlements file or an App ID directly.

<?xml version=”1.0" encoding=”UTF-8"?>
<!DOCTYPE plist PUBLIC “-//Apple//DTD PLIST 1.0//EN” “http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version=”1.0">
<dict>
<key>com.apple.developer.applesignin</key>
<array>
<string>Default</string>
</array>
</dict>
</plist>

Sign In Setup and Functionality

We need to use Authentication Services framework to give users the ability to sign in to your services with their Apple ID.

import AuthenticationServices

Add Sign In with Apple Button.

func setUpSignInAppleButton() {   let authorizationButton = ASAuthorizationAppleIDButton()    authorizationButton.addTarget(self, action: #selector(handleAppleIdRequest), for: .touchUpInside)   authorizationButton.cornerRadius = 10   //Add button on some view or stack
   self.signInButtonStack.addArrangedSubview(authorizationButton)
}

Function to create a request using ASAuthorizationAppleIDProvider and initialize a controller ASAuthorizationController to perform the request.

@objc func handleAppleIdRequest() {    let appleIDProvider = ASAuthorizationAppleIDProvider()
    let request = appleIDProvider.createRequest()
    request.requestedScopes = [.fullName, .email]    let authorizationController = ASAuthorizationController(authorizationRequests: [request])    authorizationController.delegate = self
    authorizationController.performRequests()
}

Conform to ASAuthorizationControllerDelegate

The below function is called after successful Sign In.

func authorizationController(controller: ASAuthorizationController, didCompleteWithAuthorization authorization: ASAuthorization) {    guard let appleIDCredential = authorization.credential as?  ASAuthorizationAppleIDCredential else {        return
    }    let userIdentifier = appleIDCredential.user    let fullName = appleIDCredential.fullName    let email = appleIDCredential.email    print(“User id is \(userIdentifier) \n Full Name is \(String(describing: fullName)) \n Email id is \(String(describing: email))”)}

You can handle errors in the below function.

func authorizationController(controller: ASAuthorizationController, didCompleteWithError error: Error) {
    // Handle error here.
}

Check Credential State

On successful authorization, we get User Info which has User Identifier.
We can use that identifier to check the user’s credential state by calling the getCredentialState(forUserID:completion:) method:

let appleIDProvider = ASAuthorizationAppleIDProvider()
appleIDProvider.getCredentialState(forUserID: userID) {  (credentialState, error) in
     switch credentialState {
        case .authorized:
            // The Apple ID credential is valid.
            break
        case .revoked:
            // The Apple ID credential is revoked.
            break
        case .notFound:
            // No credential was found, so show the sign-in UI.
        default:
            break 
     }
}

Successfully integrated Sign in with Apple :)