File tree Expand file tree Collapse file tree 5 files changed +26
-5
lines changed Expand file tree Collapse file tree 5 files changed +26
-5
lines changed Original file line number Diff line number Diff line change 1
1
{
2
2
"HashAlgorithm" : " Sha384 { ... }" ,
3
- "PCR0" : " 2e6e8f86a657f6daed8e699c0b74bf02d6c7d6414638b1032e6addd2bca7d208a0e8aa4961eb8e926c54dc58fd63d401 " ,
3
+ "PCR0" : " 6b15f0571de13a6357e646bbe3772a8fe32fdd85b07ba97b3a6f95bdc43023dd9deb5710c26b75346de90157d9ecdd1f " ,
4
4
"PCR1" : " e45de6f4e9809176f6adc68df999f87f32a602361247d5819d1edf11ac5a403cfbb609943705844251af85713a17c83a" ,
5
- "PCR2" : " 5c513f9c10db4f10ac27f2da0310bfee983aee9b5676866aef0c35238b9e90b56a59d42e6c3f083a64091c697fa2c9a4 "
5
+ "PCR2" : " cb114b8e27fb08576dee6a0481eef5ad96030a4a6402e7783ff363abbc5d72a2d916d053706cb76c6ff405ded55b77ae "
6
6
}
Original file line number Diff line number Diff line change 33
33
"PCR2" : " 5c513f9c10db4f10ac27f2da0310bfee983aee9b5676866aef0c35238b9e90b56a59d42e6c3f083a64091c697fa2c9a4" ,
34
34
"timestamp" : 1746806841 ,
35
35
"signature" : " JgnRXXIAlRzxmAnkwoGfcKpqKOqTjeEApiUbtiawNytd5/C9jUSQzFGP2w7yVTlHNzuddaVlGVggxVIP2EWHI78qi8Rxa/V4tvzpSj7ojOAdQOFIQk5EhnnXRibj1zRC"
36
+ },
37
+ {
38
+ "PCR0" : " 6b15f0571de13a6357e646bbe3772a8fe32fdd85b07ba97b3a6f95bdc43023dd9deb5710c26b75346de90157d9ecdd1f" ,
39
+ "PCR1" : " e45de6f4e9809176f6adc68df999f87f32a602361247d5819d1edf11ac5a403cfbb609943705844251af85713a17c83a" ,
40
+ "PCR2" : " cb114b8e27fb08576dee6a0481eef5ad96030a4a6402e7783ff363abbc5d72a2d916d053706cb76c6ff405ded55b77ae" ,
41
+ "timestamp" : 1747766223 ,
42
+ "signature" : " rURCqPwmpN/p/i7++Fm4esxeSCRRVSUws8Law5i9mBH3IIUCIJmqfGAD67+KGWM6bb5YfsQEy6O31bCFgsueUD+1fBGwFZGGl50JyaPj882Hx0waxrgoWbll7n+R7DiB"
36
43
}
37
44
]
Original file line number Diff line number Diff line change 1
1
{
2
2
"HashAlgorithm" : " Sha384 { ... }" ,
3
- "PCR0" : " 8de5541089649e9edb2cd96fafb90716aa298483447e459708e8840b1f82a557c9d9ff6ae1fd2461b04310e7d9400d7d " ,
3
+ "PCR0" : " 02a41da2df084fd1dee420d7717bef6dc0120f1d6a0b7fded3f4c7a539be4044b3061c71bc7156731db1fb66494097b0 " ,
4
4
"PCR1" : " e45de6f4e9809176f6adc68df999f87f32a602361247d5819d1edf11ac5a403cfbb609943705844251af85713a17c83a" ,
5
- "PCR2" : " c9f052dab1c210be6b64ea942148efa248ad4fb0c3fbbf5ab7fa7dc6287adec0d1e00f7e01b6109418026546f6f34cf8 "
5
+ "PCR2" : " 4563722b974255c127d3706805645d13d10a4f01fe8e4e242e58cf1c89c21d27fbbb8a3be197c649e8dc5694370f3c12 "
6
6
}
Original file line number Diff line number Diff line change 33
33
"PCR2" : " c9f052dab1c210be6b64ea942148efa248ad4fb0c3fbbf5ab7fa7dc6287adec0d1e00f7e01b6109418026546f6f34cf8" ,
34
34
"timestamp" : 1746806841 ,
35
35
"signature" : " XrFzIY9kD6QIEjikTe0kT4gHI2J59vsgkRVYTUOjWRrV0K54weasiBMPdRj4BiHxUgzwFbSunCgGYOrBP857A9VlmYU6rgPfHB+Wg/ToHk1Dzz0T/u+rv/ioavFdWiij"
36
+ },
37
+ {
38
+ "PCR0" : " 02a41da2df084fd1dee420d7717bef6dc0120f1d6a0b7fded3f4c7a539be4044b3061c71bc7156731db1fb66494097b0" ,
39
+ "PCR1" : " e45de6f4e9809176f6adc68df999f87f32a602361247d5819d1edf11ac5a403cfbb609943705844251af85713a17c83a" ,
40
+ "PCR2" : " 4563722b974255c127d3706805645d13d10a4f01fe8e4e242e58cf1c89c21d27fbbb8a3be197c649e8dc5694370f3c12" ,
41
+ "timestamp" : 1747766237 ,
42
+ "signature" : " PvzREdaKwTpXGbdgA7OkC3LFPJoyyN8dXFqPS5vnY1zSf0w9C6o6W+MGlVuZNDJADROO3nmfuY4GspVK8t5WCobLo0VsT12jNcnnm7EOi4BrL2EMKdfyLA+LC28BjfX+"
36
43
}
37
44
]
Original file line number Diff line number Diff line change @@ -476,14 +476,21 @@ pub async fn oauth_callback(
476
476
} ) ?;
477
477
478
478
// Get Apple client ID from project OAuth settings
479
- let client_id = oauth_settings
479
+ let mut client_id = oauth_settings
480
480
. apple_oauth_settings
481
481
. ok_or_else ( || {
482
482
error ! ( "Apple OAuth settings not configured" ) ;
483
483
ApiError :: BadRequest
484
484
} ) ?
485
485
. client_id ;
486
486
487
+ // For web-based OAuth flow, append .services to the client ID
488
+ // This is because Apple requires Services ID for web flow, not App ID
489
+ if !client_id. ends_with ( ".services" ) {
490
+ client_id = format ! ( "{}.services" , client_id) ;
491
+ debug ! ( "Modified Apple client ID for web flow: {}" , client_id) ;
492
+ }
493
+
487
494
// For Apple, we need to extract the ID token from the token exchange response
488
495
debug ! ( "Processing Apple OAuth token response to get ID token" ) ;
489
496
You can’t perform that action at this time.
0 commit comments