I am trying to validate apple identityToken using API. I am using the firebase/php-jwt library.
I have done the below code.
$access_token = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
$auth_keys = file_get_contents('https://appleid.apple.com/auth/keys');
$public_keys = JWK::parseKeySet(json_decode($auth_keys, true));
$keys = array_keys($public_keys);
$decoded = JWT::decode($access_token, $public_keys[$keys[0]], ['RS256']);
$decoded_array = (array) $decoded;
echo '<pre>' . print_r($decoded_array, true) . '</pre>';
When I run the code the first time it works successfully. but the second time it returns 'Signature verification failed'. so i just changed from $public_keys[$keys[0]] to $public_keys[$keys[1]] so it works. but if I am trying to login again it is not working.
There is any problem with the key selection? I don't know how to select it. I tried lots of searches but I didn't found any proper solution so I hope to get help from here.
Thank you in advance
$access_token = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
list($headb64, $bodyb64, $cryptob64) = explode('.', $access_token);
$header = JWT::jsonDecode(JWT::urlsafeB64Decode($headb64));
$kid = $header->kid;