• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Sign in with apple?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Sign in with apple?

  • Subject: Re: Sign in with apple?
  • From: Amedeo Mantica via Webobjects-dev <email@hidden>
  • Date: Wed, 3 Jun 2020 16:04:14 +0200
I use this library

https://github.com/auth0/java-jwt <https://github.com/auth0/java-jwt>

the Apple public Keys for verification are here

https://appleid.apple.com/auth/keys <https://appleid.apple.com/auth/keys>

Amedeo



> On 2 Jun 2020, at 14:41, Jesse Tayler via Webobjects-dev
> <email@hidden> wrote:
>
>
>
>> On Jun 1, 2020, at 9:40 PM, Ray Kiddy <email@hidden> wrote:
>>
>>
>> Somebody comes in to the app, I get their e-mail address and sent them an
>> "invite" into the app. This is exactly as secure as any password-storage
>> system that uses e-mail to reset passwords
>
>
> This means the user has to invoke a new session by getting a link in email
> each time they access?
>
> I suppose that link cannot be shared since it expires?
>
> I mean it sounds interesting, I am interested in what is going on with your
> suggestion.
>
> Just seems like sending around links that allow people to enter directly has
> various dangers and complexities itself, and I wonder what the resulting
> experience is and what the level of security is.
>
> Isn’t this technically pushing the password back to your email login and
> isn’t that really no different than the O-Auth or Apple sign in?
>
> Apple sign in is preferable to users because it is easy and doesn’t offer
> private information to the site, Facebook login seems the same but is
> reversed. Facebook login is there to let Facebook see where you login and
> when so it can sell that data to advertisers.
>
> The idea of not using passwords at all is interesting, but I’m not sure this
> would be what I’m thinking about.
>
> I’m going to guess this is not a bank, but what sort of service uses this
> email authentication and why was it implemented?
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Webobjects-dev mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >Re: Sign in with apple? (From: Ray Kiddy via Webobjects-dev <email@hidden>)
 >Re: Sign in with apple? (From: Jesse Tayler via Webobjects-dev <email@hidden>)

  • Prev by Date: Re: Entity/attribute/relationship terrible toString?
  • Next by Date: Main not a subclass of WOComponent - but an odd cause - bad selenium jar?
  • Previous by thread: Re: Sign in with apple?
  • Next by thread: Re: Sign in with apple?
  • Index(es):
    • Date
    • Thread