Sigra.OAuth.Strategies.Apple (Sigra v0.2.2)

Wraps Assent.Strategy.Apple for Sigra OAuth integration.

Apple uses OIDC with private key authentication (D-18). Default scopes: name, email.

Important: Apple only returns the user's name on the first authorization (Pitfall 2 from RESEARCH.md). normalize_user/1 preserves nil name fields so downstream code can detect and skip name updates on subsequent logins.

Summary

Functions

authorize_url(provider_config)

Generates the authorization URL for Apple OAuth.

callback(provider_config, params, session_params)

Handles the OAuth callback from Apple.

default_scopes()

Returns the default OAuth scopes for Apple.

ensure_assent!()

Verifies that the Assent library is available.

normalize_user(user)

Normalizes an Apple user info map to a consistent shape.

Functions

authorize_url(provider_config)

(since 0.1.0)

@spec authorize_url(keyword()) :: {:ok, map()} | {:error, term()}

Generates the authorization URL for Apple OAuth.

Delegates to Assent.Strategy.Apple's authorize_url function with merged config.

callback(provider_config, params, session_params)

(since 0.1.0)

@spec callback(keyword(), map(), map()) :: {:ok, map(), map()} | {:error, term()}

Handles the OAuth callback from Apple.

Delegates to Assent.Strategy.Apple's callback function and normalizes the user info.

default_scopes()

(since 0.1.0)

@spec default_scopes() :: [String.t()]

Returns the default OAuth scopes for Apple.

ensure_assent!()

(since 0.1.0)

@spec ensure_assent!() :: :ok

Verifies that the Assent library is available.

Raises a descriptive error if Assent is not loaded (D-14). Returns :ok if available.

normalize_user(user)

(since 0.1.0)

@spec normalize_user(map()) :: map()

Normalizes an Apple user info map to a consistent shape.

Preserves nil name when Apple does not return it (only sent on first auth).