Skip to content

Commit 1a966a6

Browse files
omnimaxxingomnimaxxing
committed
feat: add form_post response mode support for Apple OAuth
1 parent 695de7f commit 1a966a6

File tree

2 files changed

+13
-8
lines changed

2 files changed

+13
-8
lines changed

package.json

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
"type": "module",
55
"homepage:": "https://payloadcms.com",
66
"repository": "https://github.com/WilsonLe/payload-oauth2",
7-
"description": "OAuth2 plugin for Payload CMS",
7+
"description": "OAuth2 plugin for Payload CMS with Apple Sign In support",
88
"main": "dist/index.js",
99
"types": "dist/index.d.ts",
1010
"keywords": [
@@ -14,7 +14,8 @@
1414
"typescript",
1515
"react",
1616
"oauth2",
17-
"payload-plugin"
17+
"payload-plugin",
18+
"apple-sign-in"
1819
],
1920
"files": [
2021
"dist"

src/callback-endpoint.ts

Lines changed: 10 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -15,19 +15,23 @@ export const createCallbackEndpoint = (
1515
// Support both GET (default OAuth2) and POST (required for Apple OAuth with form_post)
1616
// - GET: Used by most OAuth providers (Google, GitHub, etc.)
1717
// - POST: Required by Apple when requesting name/email scopes with response_mode=form_post
18-
method: ['get', 'post'],
18+
method: 'post' as const,
1919
path: pluginOptions.callbackPath || '/oauth/callback',
2020
handler: async (req) => {
2121
try {
22-
// Handle authorization code from both GET query params and POST body
23-
// This enables support for Apple's form_post response mode while maintaining
24-
// compatibility with traditional OAuth2 GET responses
25-
const code = req.method === 'POST' ? req.body?.code : req.query?.code
22+
// Handle authorization code from both GET query params and POST body
23+
// This enables support for Apple's form_post response mode while maintaining
24+
// compatibility with traditional OAuth2 GET responses
25+
const code = req.method === "POST"
26+
? (req.body)?.code // Type assertion for body
27+
: (req.query)?.code // Type assertion for query
2628
// Improved error handling to clearly indicate whether we're missing the code
2729
// from POST body (Apple OAuth) or GET query parameters (standard OAuth)
2830
if (typeof code !== 'string')
2931
throw new Error(
30-
`Code not found in ${req.method === 'POST' ? 'body' : 'query'}: ${JSON.stringify(req.method === 'POST' ? req.body : req.query)}`,
32+
`Code not found in ${req.method === 'POST' ? 'body' : 'query'}: ${JSON.stringify(
33+
req.method === 'POST' ? req.body : req.query
34+
)}`,
3135
)
3236

3337
// /////////////////////////////////////

0 commit comments

Comments
 (0)