From 1719e0bbbfbabc72961a4ad4d144c7b88e0e8ce8 Mon Sep 17 00:00:00 2001
From: George Powell <geohpowell@gmail.com>
Date: Fri, 13 Feb 2026 01:47:29 -0500
Subject: [PATCH] switched to Bun.env for apple-auth.ts

---
 src/lib/server/apple-auth.ts | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/src/lib/server/apple-auth.ts b/src/lib/server/apple-auth.ts
index 9ed721c..a67315f 100644
--- a/src/lib/server/apple-auth.ts
+++ b/src/lib/server/apple-auth.ts
@@ -1,14 +1,12 @@
 import { encodeBase64url } from '@oslojs/encoding';
-import { env } from '$env/dynamic/private';
-import { env as publicEnv } from '$env/dynamic/public';
 
 const APPLE_AUTH_URL = 'https://appleid.apple.com/auth/authorize';
 const APPLE_TOKEN_URL = 'https://appleid.apple.com/auth/token';
 
 export function getAppleAuthUrl(state: string): string {
 	const params = new URLSearchParams({
-		client_id: env.APPLE_ID!,
-		redirect_uri: `${publicEnv.PUBLIC_SITE_URL}/auth/apple/callback`,
+		client_id: Bun.env.APPLE_ID!,
+		redirect_uri: `${Bun.env.PUBLIC_SITE_URL}/auth/apple/callback`,
 		response_type: 'code',
 		response_mode: 'form_post',
 		scope: 'name email',
@@ -18,14 +16,14 @@ export function getAppleAuthUrl(state: string): string {
 }
 
 export async function generateAppleClientSecret(): Promise<string> {
-	const header = { alg: 'ES256', kid: env.APPLE_KEY_ID! };
+	const header = { alg: 'ES256', kid: Bun.env.APPLE_KEY_ID! };
 	const now = Math.floor(Date.now() / 1000);
 	const payload = {
-		iss: env.APPLE_TEAM_ID!,
+		iss: Bun.env.APPLE_TEAM_ID!,
 		iat: now,
 		exp: now + 86400 * 180,
 		aud: 'https://appleid.apple.com',
-		sub: env.APPLE_ID!
+		sub: Bun.env.APPLE_ID!
 	};
 
 	const encodedHeader = encodeBase64url(new TextEncoder().encode(JSON.stringify(header)));
@@ -33,7 +31,7 @@ export async function generateAppleClientSecret(): Promise<string> {
 	const signingInput = `${encodedHeader}.${encodedPayload}`;
 
 	// Import PEM private key
-	const pemBody = env.APPLE_PRIVATE_KEY!.replace(/-----BEGIN PRIVATE KEY-----/, '')
+	const pemBody = Bun.env.APPLE_PRIVATE_KEY!.replace(/-----BEGIN PRIVATE KEY-----/, '')
 		.replace(/-----END PRIVATE KEY-----/, '')
 		.replace(/\s/g, '');
 	const keyBuffer = Uint8Array.from(atob(pemBody), (c) => c.charCodeAt(0));
@@ -108,7 +106,7 @@ export async function exchangeAppleCode(
 	const clientSecret = await generateAppleClientSecret();
 
 	const params = new URLSearchParams({
-		client_id: env.APPLE_ID!,
+		client_id: Bun.env.APPLE_ID!,
 		client_secret: clientSecret,
 		code,
 		grant_type: 'authorization_code',