Apple email dervied from decoded token

Author: dmlenton

routes/api/account.js

@@ -13,6 +13,7 @@ const { Audience } = require('../../models/audience');
 const { Program } = require('../../models/program');
 const { OAuth2Client } = require('google-auth-library');
 const appleSignin = require('apple-signin-auth');
+const jwt = require('jsonwebtoken');
 
 const passports = new Passports();
 // const permissions = require('../../models/permissions');
@@ -359,10 +360,10 @@ module.exports = function (app) {
       // Additional verification not used
       // const authorizationCode = req.body.authorizationCode;
       // const nonce = req.body.nonce;
-      // let email = req.body.email;
       const givenName = req.body.givenName;
       const familyName = req.body.familyName;
-      const { sub: userAppleId, email } = await appleSignin.verifyIdToken(token, {
+      const { email } = jwt.decode(token);
+      const { sub: userAppleId } = await appleSignin.verifyIdToken(token, {
         // Optional Options for further verification - Full list can be found here https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback
         // audience: 'localhost', // client id - can also be an array
         // nonce: 'NONCE', // nonce