gpt4 book ai didi

ios - 如何找到 appleid.apple.com/auth/revoke 端点所需的 client_id 和 client_secret 值?

转载 作者:行者123 更新时间:2023-12-05 05:40:08 24 4
gpt4 key购买 nike

我想在我的项目中为使用 Apple REST API 登录的用户使用帐户删除功能。 curl 请求中指定的 client_id 和 client_secret 值在我的 iOS 应用程序中对应什么值?

curl -v POST "https://appleid.apple.com/auth/revoke" \
-H 'content-type: application/x-www-form-urlencoded' \
-d 'client_id=CLIENT_ID' \
-d 'client_secret=CLIENT_SECRET' \
-d 'token=REFRESH_TOKEN' \
-d 'token_type_hint=refresh_token'

最佳答案

  1. 撤销链接不会删除帐户。它只是撤销您发送的 token

  2. 文档告诉你每个部分是什么 https://developer.apple.com/documentation/sign_in_with_apple/revoke_tokens

client_idstring(Required) The identifier (App ID or Services ID) for your app.

client_secretstring(Required) A secret JSON Web Token (JWT) that uses the Sign in with Apple private key associated with your developer account.

客户端 key 的 JWT 将如下所示

{

"alg": "ES256", //The algorithm used to sign the token. For Sign in with Apple, use ES256.
"kid": "ABC123DEFG"//A 10-character key identifier generated for the Sign in with Apple private key associated with your developer account.
}
{
"iss": "DEF123GHIJ",// use your 10-character Team ID associated with your developer account.
"iat": 1437179036,//time at which you generated the client secret, in terms of the number of seconds since Epoch, in UTC.
"exp": 1493298100,//The expiration time registered claim identifies the time on or after which the client secret expires.
"aud": "https://appleid.apple.com",
"sub": "com.mytest.app" //use the same value as client_id. The value is case-sensitive.
}

https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens

上面链接的底部为您提供了创建 token 所需的一切,您将需要第 3 方 api 来对其进行签名。

所需的私钥不应包含在 bundle 中,这可能是为什么没有太多关于此的快速文档的原因。

关于ios - 如何找到 appleid.apple.com/auth/revoke 端点所需的 client_id 和 client_secret 值?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/72476140/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com