Description
Prerequisites
- I have written a descriptive issue title
- I have searched existing issues to ensure the bug has not already been reported
Fastify version
4.14.1
Plugin version
7.0.0
Node.js version
18
Operating system
Linux
Operating system version (i.e. 20.04, 11.3, 10)
20.04
Description
Hello,
there is a problem with apple sign in.
Apple client secret is a JWT that is created the first time that the app starts (when fastify load the plugin). But the secret has an expire time so after 5 minutes the plugin stops working because the client secret in not valid anymore.
The JWT expiration time can be extanded up to 6 month. But it is not a solution.
Steps to Reproduce
fastify.register(oauthPlugin, { name: 'appleOAuth2', scope: ['email'], credentials: { client: { id: process.env.APPLE_CLIENTID, secret: generateClientSecret() }, auth: oauthPlugin.APPLE_CONFIGURATION, options: { // bodyFormat: 'form', authorizationMethod: 'body' } }, startRedirectPath: '/login/apple', callbackUri: process.env.SERVER_URL + '/login/apple/callback' })
`function generateClientSecret() {
const expiresIn = 180 // in days (6 months) - custom time set based on requirements
return appleSignin.getClientSecret({
clientID: process.env.APPLE_CLIENTID,
teamID: process.env.APPLE_TEAM_ID,
keyIdentifier: process.env.APPLE_KEY_IDENTIFIER,
privateKeyPath: "privateKey.txt",
expAfter: expiresIn * 24 * 3600 // in seconds
})
}`
Expected Behavior
The client secret had to be recreated for each request to be always fresh and valid.