From 6e09b365ca3031139acdbddf259245f60d1dfb73 Mon Sep 17 00:00:00 2001
From: Karl Schmaltz <karlschmaltz@gmail.com>
Date: Sun, 27 Feb 2022 08:47:14 -0700
Subject: [PATCH] fix(apple-sign-in): SHA256 hash nonce in request

---
 packages/apple-sign-in/index.ios.ts | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/packages/apple-sign-in/index.ios.ts b/packages/apple-sign-in/index.ios.ts
index baf50e35..3764942e 100644
--- a/packages/apple-sign-in/index.ios.ts
+++ b/packages/apple-sign-in/index.ios.ts
@@ -63,6 +63,15 @@ function randomNonce(length: number) {
     return result;
 }
 
+function sha256Hash(input: string): string {
+    const sha256buffer = CC_SHA256(interop.handleof(NSString.stringWithString(input).UTF8String), input.length, interop.alloc(input.length));
+    let inputHashed = '';
+    for (let i = 0; i < input.length; i++) {
+        inputHashed += parseInt(sha256buffer[i], 10).toString(16).padStart(2, '0');
+    }
+    return inputHashed;
+}
+
 export class SignIn {
     static #controller: ASAuthorizationController;
     static #delegate: ASAuthorizationControllerDelegate;
@@ -100,10 +109,10 @@ export class SignIn {
 
             if (options?.useNonce) {
                 if (options.nonce) {
-                    request.nonce = options.nonce;
+                    request.nonce = sha256Hash(options.nonce);
                 } else {
                     const nonce = randomNonce(32);
-                    request.nonce = nonce;
+                    request.nonce = sha256Hash(nonce);
                     (this.#delegate as any)._options.nonce = nonce;
                 }
             }