Verify Apple identity token

To verify the identity token, your app server must

• Verify the JWS E256 signature using the server’s public key

• Verify the nonce for the authentication

• Verify that the iss field contains https://appleid.apple.com

• Verify that the aud field is the developer’s client_id

• Verify that the time is earlier than the exp value of the token

Go :

import(
    "github.com/coolishbee/go-verify-apple-id-token"
)

func main() {
	client := New()

	jwtClaims, err := client.VerifyIdToken("com.clientId.here", "idToken")
	if err != nil {
		t.Errorf("%s", err)
	} else {
		fmt.Println(jwtClaims.Email)
	}
}