Home / Function/ generateAppleSecretKey() — supabase Function Reference

generateAppleSecretKey() — supabase Function Reference

Architecture documentation for the generateAppleSecretKey() function in AppleSecretGenerator.tsx from the supabase codebase.

Function tsx DocumentationSystem ReferenceGen calls 3 called by 1

Entity Profile

Dependency Diagram

graph TD
  686e50b5_fb5e_1730_38c0_62592eb764e8["generateAppleSecretKey()"]
  49c52e78_b920_1ed6_2bcb_107c71cd9801["AppleSecretGenerator()"]
  49c52e78_b920_1ed6_2bcb_107c71cd9801 -->|calls| 686e50b5_fb5e_1730_38c0_62592eb764e8
  c92aa9ae_4ac5_ada0_7efd_1808efee6ff7["stringToArrayBuffer()"]
  686e50b5_fb5e_1730_38c0_62592eb764e8 -->|calls| c92aa9ae_4ac5_ada0_7efd_1808efee6ff7
  3c908f2a_740e_8124_3782_20df0fc76734["base64URL()"]
  686e50b5_fb5e_1730_38c0_62592eb764e8 -->|calls| 3c908f2a_740e_8124_3782_20df0fc76734
  585f53ea_2211_1724_2dc0_63276139de81["arrayBufferToString()"]
  686e50b5_fb5e_1730_38c0_62592eb764e8 -->|calls| 585f53ea_2211_1724_2dc0_63276139de81
  style 686e50b5_fb5e_1730_38c0_62592eb764e8 fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

apps/docs/components/AppleSecretGenerator/AppleSecretGenerator.tsx lines 26–95

const generateAppleSecretKey = async (
  kid: string,
  iss: string,
  sub: string,
  file: File
): Promise<{ kid: string; jwt: string; exp: number }> => {
  if (!kid) {
    const match = file.name.match(/AuthKey_([^.]+)[.].*$/i)
    if (match && match[1]) {
      kid = match[1]
    }
  }

  if (!kid) {
    throw new Error(
      `No Key ID provided. The file "${file.name}" does not follow the AuthKey_XXXXXXXXXX.p8 pattern. Please provide a Key ID manually.`
    )
  }

  const contents = await file.text()

  if (!contents.match(/^\s*-+BEGIN PRIVATE KEY-+[^-]+-+END PRIVATE KEY-+\s*$/i)) {
    throw new Error(`Chosen file does not appear to be a PEM encoded PKCS8 private key file.`)
  }

  // remove PEM headers and spaces
  const pkcs8 = stringToArrayBuffer(
    globalThis.atob(contents.replace(/-+[^-]+-+/g, '').replace(/\s+/g, ''))
  )

  const privateKey = await globalThis.crypto.subtle.importKey(
    'pkcs8',
    pkcs8,
    {
      name: 'ECDSA',
      namedCurve: 'P-256',
    },
    true,
    ['sign']
  )

  const iat = Math.floor(Date.now() / 1000)
  const exp = iat + 180 * 24 * 60 * 60

  const jwt = [
    base64URL(JSON.stringify({ typ: 'JWT', kid, alg: 'ES256' })),
    base64URL(
      JSON.stringify({
        iss,
        sub,
        iat,
        exp,
        aud: 'https://appleid.apple.com',
      })
    ),
  ]

  const signature = await globalThis.crypto.subtle.sign(
    {
      name: 'ECDSA',
      hash: 'SHA-256',
    },
    privateKey,
    stringToArrayBuffer(jwt.join('.'))
  )

  jwt.push(base64URL(arrayBufferToString(signature)))

  return { kid, jwt: jwt.join('.'), exp }
}

Domain

Subdomains

Calls

Called By

Source

Frequently Asked Questions

What does generateAppleSecretKey() do?
generateAppleSecretKey() is a function in the supabase codebase.
What does generateAppleSecretKey() call?
generateAppleSecretKey() calls 3 function(s): arrayBufferToString, base64URL, stringToArrayBuffer.
What calls generateAppleSecretKey()?
generateAppleSecretKey() is called by 1 function(s): AppleSecretGenerator.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free