
I am trying to implement Apple SSO using the omniauth_apple gem in Ruby on Rails.

In my devise.rb, I have the following config:

config.omniauth :apple, Rails.application.credentials.dig(Rails.env.to_sym, :apple_sso, :client_id), '', {
    scope: 'email name',
    team_id: Rails.application.credentials.dig(Rails.env.to_sym, :apple_sso, :team_id),
    key_id: Rails.application.credentials.dig(Rails.env.to_sym, :apple_sso, :key_id),
    pem: Rails.application.credentials.dig(Rails.env.to_sym, :apple_sso, :pem),
    redirect_uri: Rails.application.credentials.dig(Rails.env.to_sym, :apple_sso, :redirect_uri),
    provider_ignores_state: true
  }

In my omniauth_callbacks_controller.rb, I have the following:

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  skip_before_action :verify_authenticity_token, only: [:apple]
  protect_from_forgery prepend: true, only: :apple
  
  def apple
    puts "==== GOT INTO APPLE======="
    auth_hash = request.env['omniauth.auth']
  end
end

My user.rb:

class User < ApplicationRecord
  acts_as_tenant(:tenant)

  devise :database_authenticatable, :registerable, :recoverable, :lockable,
    :timeoutable, :rememberable, :trackable, :confirmable, :zxcvbnable,
    :omniauthable, :jwt_authenticatable,
    jwt_revocation_strategy: JwtDenyList, omniauth_providers: [:google_oauth2, :facebook, :apple]
end

In my routes, I also have a specification to receive callbacks for each provider:

devise_for :users,
    only: :omniauth_callbacks,
    controllers: {omniauth_callbacks: "users/omniauth_callbacks"}

Now when I click the Sign in with Apple button, it does redirect me to sign in with my username and password from Apple, but when the callback phase is initiated, it returns an error and does not redirect to the controller. I get this error, but I honestly do not know how or where to start to resolve it:

OAuth2::AccessToken.from_hash: `hash` contained more than one 'token' key (["access_token", "id_token"]); using "access_token".
(apple) Authentication failure! invalid_credentials: OmniAuth::Strategies::OAuth2::CallbackError, id_token_claims_invalid | nonce invalid

Does anyone have experience using the omniauth_apple gem with Devise to set up and fully integrate Apple SSO on Rails? Please help.

Kingsley Simon
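
The `nonce invalid` part of the logged error refers to the OpenID Connect nonce check: the value stored in the session when sign-in starts must match the `nonce` claim of the returned id_token. A simplified model of that check, as an added example (not code from the post or from the omniauth gem); the session key name, the helper names and the unsigned constructed token are assumptions:

```ruby
require 'json'
require 'securerandom'

SESSION_KEY = 'omniauth.nonce' # assumed session key name, for illustration

# Request phase: store a fresh nonce in the session and return it so it can
# be sent to the provider in the authorization request.
def start_login(session)
  session[SESSION_KEY] = SecureRandom.urlsafe_base64(16)
end

# Constructed stand-in for the provider: an unsigned, JWT-shaped id_token that
# echoes the nonce. A real id_token is signed and its signature must be verified.
def constructed_id_token(nonce)
  seg = ->(h) { [JSON.generate(h)].pack('m0').tr('+/', '-_').delete('=') }
  [seg.call('alg' => 'none'), seg.call('sub' => 'user-123', 'nonce' => nonce), ''].join('.')
end

def claims_of(id_token)
  JSON.parse(id_token.split('.')[1].tr('-_', '+/').unpack1('m'))
end

# Constant-time comparison of two strings of equal length.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Callback phase: the nonce claim must equal the value stored at request time.
# The stored value is deleted on read, so the same token cannot be replayed.
def verify_nonce(session, id_token)
  expected = session.delete(SESSION_KEY)
  claimed  = claims_of(id_token)['nonce']
  return :nonce_invalid if expected.nil? || claimed.nil?
  secure_equal?(expected, claimed) ? :ok : :nonce_invalid
end

def run_cases
  session = {}
  token = constructed_id_token(start_login(session))
  other = {}
  start_login(other) # a different browser session with its own nonce
  { same_session:  verify_nonce(session, token),
    replayed:      verify_nonce(session, token), # nonce already consumed
    empty_session: verify_nonce({}, token),      # callback arrived without the session
    other_session: verify_nonce(other, token) }
end

p run_cases if $PROGRAM_NAME == __FILE__
```

Only the first case passes; a callback that reaches the application without the session that started the login fails the same way as a replayed or foreign token.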
