Creating jwt after signing with apple

App & System Services General
KronosSport OP
Created Jun ’21
Replies 1
Boosts 0
Views 747
Participants 1

Hello there, I've another question about signing with apple more precisely how to create the jw token in php after sign with apple, here is what I do:

$header = json_encode(array(
  'kid' => $keyId,
));

$decodedTokenData =  json_decode(base64_decode(str_replace('_', '/', str_replace('-','+',explode('.', $_POST['id_token'])[1]))),true);

$payload = json_encode(array(
    'iss' => $teamid,
    'iat' => time(),
    'exp' => time() + 86400*180,
     'aud' => $decodedTokenData['aud'],
    'sub' => $decodedTokenData['sub'],
));

$base64UrlHeader = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($header));
$base64UrlPayload = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($payload));

$signature = hash_hmac('sha256', $base64UrlHeader . "." . $base64UrlPayload, 'abC123!', true);
$base64UrlSignature = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($signature));
$jwt = $base64UrlHeader . "." . $base64UrlPayload . "." . $base64UrlSignature;

curl -X POST https://appleid.apple.com/auth/token -d  '{"client_id":$CLIENTID,"client_secret":$jwt,"code": $_POST['code'],"grant_type":"authorization_code","redirect_uri":$URL}'

and I've got a

{"error":"invalid_client"}

i don't know what is wrong

Thanks in advance for your help

Replies  1
Boosts  0
Views  747
Participants  1
KronosSport OP
Jun ’21

maybe this issue is the call to hash_hmac, I have a key like this:

$pem_content = "
-----BEGIN PRIVATE KEY-----
XXXX
-----END PRIVATE KEY-----";

but I don't know how to use it as the 3rd parameter of hash_hmac

0
Creating jwt after signing with apple
First post date Last post date
 
 
Q