Download the PHP package guanhui07/apple-sign-in-php-sdk without Composer
On this page you can find all versions of the php package guanhui07/apple-sign-in-php-sdk. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download guanhui07/apple-sign-in-php-sdk
More information about guanhui07/apple-sign-in-php-sdk
Files in guanhui07/apple-sign-in-php-sdk
Package apple-sign-in-php-sdk
Short Description Library to verify and validate Apple IdentityToken and authenticate a user with Apple ID.
License MIT
Informations about the package apple-sign-in-php-sdk
Sign-in with Apple SDK
Installation
Recommended and easiest way to installing library is through Composer.
composer require azimolabs/apple-sign-in-php-sdk
Requirements
- PHP 7.1+
- OpenSSL Extension
PHP support
PHP version | Library version |
---|---|
5.x |
NOT SUPPORTED |
> 7.0 <= 7.3 |
1.4.x updated at 2023-10-20 support php7.3 |
>= 7.4 < 8.0 |
1.5.x |
>= 8.0 & ^7.4 |
2.0.x |
>= 8.1 |
3.0.x |
Versioning follows semver standard.
How it works
This description assumes that you already have generated identityToken . Remember that token is valid ONLY for 10 minutes.
The first step to verify the identity token is to generate a public key. To generate public key exponent
and modulus
values are required. Both information are exposed in Apple API endpoint. Those
values differ depending on the algorithm.
The second step is verification if provided identityToken
is valid against generated public key. If so we are sure
that identityToken
wasn't malformed.
The third step is validation if token is not expired. Additionally it is worth to check issuer
and audience
,
examples are shown below.
Basic usage
Once you have cloned repository, make sure that composer dependencies are installed running composer install -o
.
If you don't want to copy-paste above code you can paste freshly generated identityToken
in tests/E2e/Auth/AppleJwtFetchingServiceTest.php:53
and run tests with simple command php vendor/bin/phpunit tests/E2e
.
Todo
It is welcome to open a pull request with a fix for any issue:
- [x] Upgrade
phpseclib/phpseclib
to version3.0.7
- [x] Upgrade
lcobucci/jwt
to version4.x
. Reported in: Implicit conversion of keys from strings is deprecated. #2 - [x] Make library compatible with PHP
7.4.3
. Reported in Uncaught JsonException: Malformed UTF-8 characters - [x] Make library compatible with PHP
8.0.0
- [x] Refactor \Azimo\Apple\Api\Enum\CryptographicAlgorithmEnum, so algorithms are fetched dynamically from https://appleid.apple.com/auth/keys
- [ ] Create contribution guide
Miscellaneous
All versions of apple-sign-in-php-sdk with dependencies
ext-mbstring Version *
ext-openssl Version *
phpseclib/phpseclib Version ^3.0
lcobucci/jwt Version ^5.0
guzzlehttp/guzzle Version ^6.0|^7.0