From d277c73e108cb1e3b2d4df30f1df8ebbe876a85f Mon Sep 17 00:00:00 2001
From: Wenjie Yek
Date: Wed, 6 Dec 2023 13:42:24 +0800
Subject: [PATCH 1/2] Update apple.rb skip verify_nonce
---
 lib/omniauth/strategies/apple.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/omniauth/strategies/apple.rb b/lib/omniauth/strategies/apple.rb
index 5ad3a40..4f6351d 100644
--- a/lib/omniauth/strategies/apple.rb
+++ b/lib/omniauth/strategies/apple.rb
@@ -105,7 +105,7 @@ def verify_claims!(id_token)
 verify_aud!(id_token)
 verify_iat!(id_token)
 verify_exp!(id_token)
- verify_nonce!(id_token) if id_token[:nonce_supported]
+ # verify_nonce!(id_token) if id_token[:nonce_supported]
 end

 def verify_iss!(id_token)
From 3d78527bbc9130180c60d3e8fa3bb82639672a23 Mon Sep 17 00:00:00 2001
From: Wenjie Yek
Date: Wed, 6 Dec 2023 13:47:37 +0800
Subject: [PATCH 2/2] add callback phase
---
 lib/omniauth/strategies/apple.rb | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
diff --git a/lib/omniauth/strategies/apple.rb b/lib/omniauth/strategies/apple.rb
index 4f6351d..817ba77 100644
--- a/lib/omniauth/strategies/apple.rb
+++ b/lib/omniauth/strategies/apple.rb
@@ -63,6 +63,20 @@ def callback_url
 options[:redirect_uri] || (full_host + callback_path)
 end

+ def callback_phase
+ if request.request_method.downcase.to_sym == :post
+ url = "#{callback_url}"
+ if (code = request.params['code']) && (state = request.params['state'])
+ url += "?code=#{CGI::escape(code)}"
+ url += "&state=#{CGI::escape(state)}"
+ url += "&user=#{CGI::escape(request.params['user'])}" if request.params['user']
+ end
+ session.options[:drop] = true # Do not set a session cookie on this response
+ return redirect url
+ end
+ super
+ end
+
 private

 def new_nonce
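Review bot: Commenting out `verify_nonce!` at the end of `verify_claims!` removes the check that ties the id_token to the browser session that started the login, so a token issued for a different authorization request would still pass the remaining claim checks. If the motivation is that the session (and presumably the stored nonce) is missing on Apple's cross-site form POST, the POST-to-GET redirect added in patch 2/2 looks intended to restore the session on the follow-up request, in which case the original line can stay: `verify_nonce!(id_token) if id_token[:nonce_supported]`. If skipping must remain possible, gate it on an explicit strategy option that defaults to verifying, rather than leaving dead commented-out code with no explanation. `verify_claims!` begins above the hunk and `verify_nonce!` is not visible here, so how the nonce is stored is inferred.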
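Review bot: The POST branch of `callback_phase` moves `code`, `state` and the `user` parameter from the form body into the query string of the redirect, so the authorization code and whatever profile data `user` carries (presumably name and e-mail) become visible in access logs, browser history and any intermediary that records URLs. At minimum this deserves a comment above the `url +=` lines, e.g. `# code/state/user travel in the URL from here on; make sure request logging filters these params`, and the decision to forward `user` this way should be a conscious one. When the POST has no `code` or `state` (an error response, for instance) the redirect goes to the bare `callback_url` and every posted parameter is dropped, so the follow-up GET cannot tell why it failed; forwarding the error parameters or failing explicitly in that branch would keep it diagnosable. Smaller points: `request.post?` is clearer than `request.request_method.downcase.to_sym == :post`, `url = callback_url` avoids the redundant interpolation, and appending `?code=` assumes `options[:redirect_uri]` never already contains a query string.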