Recommended and easiest way to installing library is through Composer.
composer require azimolabs/apple-sign-in-php-sdk:1.0.0
- PHP 7.1+
- OpenSSL Extension
This description assumes that you already have generated identityToken. Remember that token is valid ONLY for 10 minutes.
The first step to verify the identity token is to generate a public key. To generate public key exponent and modulus values are required.
Both information are exposed in Apple API endpoint. Those values differ depending on the algorithm.
The second step is verification if provided identityToken is valid against generated public key. If so we are sure that identityToken wasn't malformed.
The third step is validation if token is not expired. Additionally it is worth to check issuer and audience, examples are shown below.
Once you have cloned repository, make sure that composer dependencies are installed running composer install -o.
$validationData = new ValidationData();
$validationData->setIssuer('https://appleid.apple.com');
$validationData->setAudience('com.azimo');
$appleJwtFetchingService = new Auth\Service\AppleJwtFetchingService(
new Auth\Jwt\JwtParser(new Parser()),
new Auth\Jwt\JwtVerifier(
new Api\AppleApiClient(
new GuzzleHttp\Client(
[
'base_uri' => 'https://appleid.apple.com',
'timeout' => 5,
'connect_timeout' => 5,
]
),
new Api\Factory\ResponseFactory()
),
new RSA(),
new Sha256()
),
new Auth\Jwt\JwtValidator($validationData),
new Auth\Factory\AppleJwtStructFactory()
);
$appleJwtFetchingService->getJwtPayload('your.identity.token');If you don't want to copy-paste above code you can paste freshly generated identityToken in tests/E2e/Auth/AppleJwtFetchingServiceTest.php:53
and run tests with simple command php vendor/bin/phpunit tests/E2e.
$ php vendor/bin/phpunit tests/E2e
PHPUnit 9.2.5 by Sebastian Bergmann and contributors.
Random seed: 1594414420
. 1 / 1 (100%)
Time: 00:00.962, Memory: 8.00 MB
OK (1 test, 1 assertion)