{"id":4508,"date":"2022-09-11T10:56:16","date_gmt":"2022-09-11T15:56:16","guid":{"rendered":"https:\/\/dev.iachieved.it\/iachievedit\/?p=4508"},"modified":"2024-01-14T11:10:20","modified_gmt":"2024-01-14T17:10:20","slug":"weatherkit-rest-api","status":"publish","type":"post","link":"https:\/\/dev.iachieved.it\/iachievedit\/weatherkit-rest-api\/","title":{"rendered":"Using Apple’s New WeatherKit REST API"},"content":{"rendered":"

In late March 2020 Apple purchased the Dark Sky app<\/a>, and along with it the Dark Sky API. No longer accepting sign ups the Dark Sky API will go offline on March 31, 2023<\/a>. If you’re a developer that needs a reliable weather API, Apple is now providing WeatherKit<\/strong><\/a>. Typical “Kit” APIs are only available on Apple devices as libraries, but in this case, WeatherKit does<\/i> have a REST web service available. Let’s look at how to use it.<\/p>\n

The WeatherKit API does require an Apple developer account and access to the Developer Console<\/a> to configure. Though the developer account costs $99 a year, that includes 500,000 WeatherKit API calls per month<\/em>. For me personally that is a much better deal than a service such as a AccuWeather or OpenWeather.<\/p>\n

Provisioning<\/h2>\n

To get started with WeatherKit we need to do some provisioning in the Developer Console. The first step will be to create a key<\/strong>.<\/p>\n

\"\"<\/a><\/p>\n

Select Certificates, Identifiers & Profiles<\/strong> and then Keys<\/strong>. Click the blue circle with white cross to add a new key. We’ll call the key myweatherapp<\/em>. Check the box next to WeatherKit<\/strong>.<\/p>\n

\"\"<\/a><\/p>\n

Click Continue<\/strong> and then Register<\/strong> on the Register a New Key<\/strong> screen.<\/p>\n

Make note on this screen that you’re about to download a new key, and once you’ve done so you won’t be able to again. This key is necessary to access the WeatherKit REST API (you’ll be signing tokens with it), so keep it in a safe place.<\/p>\n

\"\"<\/a><\/p>\n

Download your key, and also make note of the Key ID<\/strong>. We’re going to use it later. Look in your Downloads<\/strong> folder for AuthKey_KEYID.p8<\/code>. In our case the filename is AuthKey_9U5ZXJ4Y65.p8<\/code>.<\/p>\n

Once you’ve downloaded your key, click Done<\/strong>.<\/p>\n

Now that we have our key, it’s time to provision our service identifier. Click on Identifiers<\/strong> and once again, the blue circle with white cross. Choose Services ID<\/strong> and Continue<\/strong>.<\/p>\n

\"\"<\/a><\/p>\n

We’re going to use the reverse domain name notation for the service, i.e., it.iachieved.myweatherapp<\/code>.<\/p>\n

\"\"<\/a><\/p>\n

Click Continue<\/strong> and then Register<\/strong>.<\/p>\n

Preparing the Keys<\/h2>\n

The .p8<\/code> file downloaded is a plain text file containing an elliptic curve private key in PKCS#8 format. It is not<\/em> encrypted. We’re going to want the key in PEM format, so let’s convert it with openssl<\/code>:<\/p>\n

openssl pkcs8 -nocrypt -in AuthKey_9U5ZXJ4Y65.p8 -out AuthKey_9U5ZXJ4Y65.pem\r\n<\/pre>\n
NB<\/strong>:  The option -nocrypt<\/code> is required!<\/p>\n
We need the public key component as well for signing JWT tokens, so obtain it with openssl<\/code>:<\/p>\n
openssl ec -in AuthKey_9U5ZXJ4Y65.pem -pubout > AuthKey_9U5ZXJ4Y65.pub\r\n<\/pre>\n
You should now have two files which are the private and public key.<\/p>\n
Creating and Signing a JWT<\/h2>\n
Let’s recall how accessing a REST API with a JSON Web Token<\/a> works.<\/p>\n
Apple runs the WeatherKit API service, and in the Developer console you created a key.  Apple kept a copy of the public key which it will use to verify JWT signatures.  Your application is going to construct a JWT and sign it with the private key.  This signed JWT will be presented as a bearer token to the API.  If Apple can validate your signature and that your token contents identify provisioned WeatherKit services, you’re golden.<\/p>\n
We’ll use jwt.io<\/a> to create a JWT by hand.<\/p>\n
The JWT to access the WeatherKit API must contain the following header elements:<\/p>\n