signInWithIdToken method

@experimental Future<AuthResponse> signInWithIdToken({ required OAuthProvider provider, required String idToken, String? accessToken, String? nonce, String? captchaToken, })

Allows signing in with an ID token issued by certain supported providers. The idToken is verified for validity and a new session is established. This method of signing in only supports OAuthProvider.google, OAuthProvider.apple or OAuthProvider.kakao.

If the ID token contains an at_hash claim, then accessToken must be provided to compare its hash with the value in the ID token.

If the ID token contains a nonce claim, then nonce must be provided to compare its hash with the value in the ID token.

captchaToken is the verification token received when the user completes the captcha on the app.

This method is experimental.

Implementation

@experimental
Future<AuthResponse> signInWithIdToken({
  required OAuthProvider provider,
  required String idToken,
  String? accessToken,
  String? nonce,
  String? captchaToken,
}) async {
  if (provider != OAuthProvider.google &&
      provider != OAuthProvider.apple &&
      provider != OAuthProvider.kakao) {
    throw AuthException('Provider must be '
        '${OAuthProvider.google.name}, ${OAuthProvider.apple.name} or ${OAuthProvider.kakao.name}.');
  }

  final response = await _fetch.request(
    '$_url/token',
    RequestMethodType.post,
    options: GotrueRequestOptions(
      headers: _headers,
      body: {
        'provider': provider.snakeCase,
        'id_token': idToken,
        'nonce': nonce,
        'gotrue_meta_security': {'captcha_token': captchaToken},
        'access_token': accessToken,
      },
      query: {'grant_type': 'id_token'},
    ),
  );

  final authResponse = AuthResponse.fromJson(response);

  if (authResponse.session == null) {
    throw AuthException(
      'An error occurred on token verification.',
    );
  }

  _saveSession(authResponse.session!);
  notifyAllSubscribers(AuthChangeEvent.signedIn);

  return authResponse;
}