Sign In with Apple https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens

Gemfile

# frozen_string_literal: true

source "https://rubygems.org"

git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }

gem 'jwt'

main.rb

require 'bundler/setup'
Bundler.require

require 'net/http'
require 'uri'

CLIENT_ID = ENV['CLIENT_ID']
SECRET_KEY_ID = ENV['SECRET_KEY_ID']
TEAM_ID = ENV['TEAM_ID']
PRIVATE_KEY = './AuthKey_XXXXXX.p8'

def create_client_secret
  alg = 'ES256'
  kid = SECRET_KEY_ID
  iss = TEAM_ID
  iat = Time.now.to_i
  exp = iat + 3600
  aud = 'https://appleid.apple.com'
  sub = CLIENT_ID

  key = OpenSSL::PKey::EC.new(File.read(PRIVATE_KEY))

  payload = {kid: kid, iss: iss, iat: iat, exp: exp, aud: aud, sub: sub}
  JWT.encode(payload, key, alg)
end

def verify_authentication_code(code)
  uri = URI.parse('https://appleid.apple.com/auth/token')
  params = {
    'content-type': 'application/x-www-form-urlencoded',
    'client_id': CLIENT_ID,
    'client_secret': create_client_secret,
    'grant_type': 'authorization_code',
    'code': code,
    'redirect_uri': ''
  }

  response = Net::HTTP.post_form(uri, params)
  pp params
  pp response
  pp response.code
  pp JSON.parse(response.body)
end