Hello,

currently we have an issue relating to the cryptographic algorithm fh6Bs8C. We are using package version 1.3.0 currently. Would it be possible to integrate this in the package? Or does it exist already?

Even trying with php vendor/bin/phpunit vendor/azimolabs/apple-sign-in-php-sdk/tests/E2e/Auth/AppleJwtFetchingServiceTest.php with a recent token I'm only getting Validation of given token failed. Possibly token expired.

$validationData = new ValidationData();
$validationData->setIssuer('https://appleid.apple.com');
$validationData->setAudience('com.********');

$appleJwtFetchingService = new Auth\Service\AppleJwtFetchingService(
    new Auth\Jwt\JwtParser(new Parser()),
    new Auth\Jwt\JwtVerifier(
        new Api\AppleApiClient(
            new GuzzleHttp\Client(
                [
                    'base_uri'        => 'https://appleid.apple.com',
                    'timeout'         => 5,
                    'connect_timeout' => 5,
                ]
            ),
            new Api\Factory\ResponseFactory()
        ),
        new RSA(),
        new Sha256()
    ),
    new Auth\Jwt\JwtValidator($validationData),
    new Auth\Factory\AppleJwtStructFactory()
);

$payload = $appleJwtFetchingService->getJwtPayload($request->id_token);

I have error frequently 30% happen at 1st time sign with apple "Cryptographic algorithm W6WcOKB is not supported. Supported algorithms: 86D88Kf,eXaunmL,YuyXoY"

I use your lib code for Apple Sign feature! Next times when I revoke apple id on app and sign again 2nd, it could be passed.

Hi,

I got the error while getting access token from apple. Implicit conversion of keys from strings is deprecated. Please use InMemory or LocalFileReference classes.

I find it cause by the problem from lcobucci/jwt 3.4.* , so I use "lcobucci/jwt": "3.3.*" in my project and it work perfectly.

The latest version of lcobucci/jwt is 4.1.x, but not released, I hasn't test it too.

Hi, if I have two app (dev and prod) and they have different audience how can I handle that in this library?

At first I have tried this approach but it doesn't work since this library will throw exception when audience doesn't match.

new Auth\Jwt\JwtValidator(
                new \Lcobucci\JWT\Validation\Validator(),
                [
                    new \Lcobucci\JWT\Validation\Constraint\IssuedBy('https://appleid.apple.com'),
                    new \Lcobucci\JWT\Validation\Constraint\PermittedFor('com.c.azimo.stage'),
                   new \Lcobucci\JWT\Validation\Constraint\PermittedFor('com.c.azimo.stage2'),
                ]
      ),

I updated code to PHP8. If you need php8 right now, you can temporary use version from my repo. I didn't make PR because I dramatically changed the root service.

https://github.com/alxbndrs/apple-sign-in-php-sdk

[COMMIT] https://github.com/alxbndrs/apple-sign-in-php-sdk/commit/c3166ce14a629bc3a80feeb4cda6b921fd80bd2d

Hi,

Your package seems to be perfect... but you are using Guzzle 7. However, Guzzle 7 is not necessary for this package to be fully functionnal, Guzzle 6 is enough. Moreover, when you are using Laravel 7, using Guzzle 7 is blocking the installation.

So, can you use Guzzle 6 in this package to make it run for everyone ? :-)

Thanks a lot !

We are using 1.1.2 version. What is the solution? Do you have idea? Azimo\Apple\Api\Exception\UnsupportedCryptographicAlgorithmException Cryptographic algorithm fh6Bs8C is not supported. Supported algorithms: 86D88Kf,eXaunmL,YuyXoY,W6WcOKB

The algorithms are already downloaded from Apple, so just use this as the master list instead of keeping another internal lookup key list.

PHP isn't my main language, so if I've done something stupid..sorry..

I've tested this in my app, and it's working fine. Also ran the unit tests and updated the failing ones.

Hi! I'm using PHP 7.4.3 and trying to verify identity token. The response I get: Uncaught JsonException: Malformed UTF-8 characters, possibly incorrectly encoded in /home/x/domains/domain.com/public_html/apple/lcobucci/jwt/src/Parsing/Decoder.php:50. Changing to older PHP version helps, but is there any solution to make it working on >7.4.3? Thanks

If you pass a nonce while making the request for Sign In With Apple, this value is returned in the claims section of the received JWT. This field is not present if you don't pass a nonce while making the request. This pull request adds the ability to access its value.