I am implementing Apple Sign in on my webpage. I manage to log in as a user and get redirected to another page where I receive this information:
Access Token Response
stdClass Object
(
[access_token] => <redacted>
[token_type] => Bearer
[expires_in] => 3600
[refresh_token] => <redacted>
[id_token] => <redacted>
)
From the id_token I can retrieve this:
Parsed ID Token
stdClass Object
(
[iss] => https://appleid.apple.com
[aud] => com.mywebsite.webapp
[exp] => 1604672418
[iat] => 1604586018
[sub] => 000263.03f6a4fd925e446bbfa1dcb4c6a80e10.0113
[at_hash] => 5futRg0Tq28zxt5Z7gt8lQ
[email] => [email protected]
[email_verified] => true
[auth_time] => 1604586017
[nonce_supported] => 1
)
But I need to have the user's first name and last name as well, which is not in the response. I know Apple sends it only the first time the user authorizes the app, and they may have sent it, but not anymore. I am always deleting the app from my Apple account before testing the sign in, but in vain.
CODE:
$client_id = 'com.mywebsite.webapp';
$client_secret = 'sfsf0sfsgsdfg';
$redirect_uri = 'https://mywebsite.com/AppleLogin/appleresponse.php';

if (isset($_POST['code'])) {
    // Escape the echoed value: it is request data and would otherwise be reflected as HTML.
    echo "POSTstate: " . htmlspecialchars($_POST['state'] ?? '', ENT_QUOTES, 'UTF-8') . "<br>";

    // Exchange the authorization code for tokens at Apple's token endpoint.
    $response = http('https://appleid.apple.com/auth/token', [
        'grant_type' => 'authorization_code',
        'code' => $_POST['code'],
        'redirect_uri' => $redirect_uri,
        'client_id' => $client_id,
        'client_secret' => $client_secret,
    ]);

    if (!isset($response->access_token)) {
        echo '<p>Error getting an access token:</p>';
        echo '<pre>'; print_r($response); echo '</pre>';
        echo '<p><a href="/">Start Over</a></p>';
        die();
    }

    echo '<h3>Access Token Response</h3>';
    echo '<pre>'; print_r($response); echo '</pre>';

    // JWT segments are base64url-encoded, so map '-' and '_' back to '+' and '/' before decoding.
    // This only decodes the claims for display; the token signature is not verified here.
    $claims = explode('.', $response->id_token)[1];
    $claims = json_decode(base64_decode(strtr($claims, '-_', '+/')));

    echo '<h3>Parsed ID Token</h3>';
    echo '<pre>';
    print_r($claims);
    echo '</pre>';
    die();
}

// POSTs $params (when given) to $url and returns the decoded JSON response.
function http($url, $params = false) {
    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    if ($params) {
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params));
    }
    curl_setopt($ch, CURLOPT_HTTPHEADER, [
        'Accept: application/json',
        'User-Agent: curl', // Apple requires a user agent header at the token endpoint
    ]);
    $response = curl_exec($ch);
    curl_close($ch);
    return json_decode($response);
}
I've been trying to figure this out the whole day, but literally nothing to be found on the internet, and I couldn't find any examples of what the user object looks like.
My Answer:
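The name is never a claim in the id_token. On the first authorization only, Apple posts it in a separate `user` form field next to `code` and `state`, provided the authorization request asked for the `name` scope with `response_mode=form_post`. The following is an added example, not part of the original post: the function names and the sample callback body are constructed for illustration, and the `user` field layout is Apple's documented one.

```php
<?php
// Added example: read the one-time "user" field from Apple's form_post callback.
// Function names and sample values are hypothetical; only the field layout is Apple's.

function parse_apple_callback(array $post, string $expectedState): array
{
    // Reject the callback unless state matches the value stored before redirecting.
    if (!isset($post['state']) || !is_string($post['state'])
        || !hash_equals($expectedState, $post['state'])) {
        throw new RuntimeException('state mismatch');
    }
    if (empty($post['code']) || !is_string($post['code'])) {
        throw new RuntimeException('missing authorization code');
    }

    $profile = ['first_name' => null, 'last_name' => null];

    // "user" is absent on every authorization after the first one.
    if (isset($post['user']) && is_string($post['user'])) {
        $user = json_decode($post['user'], true);
        if (is_array($user) && isset($user['name']) && is_array($user['name'])) {
            $profile['first_name'] = clean_name($user['name']['firstName'] ?? null);
            $profile['last_name']  = clean_name($user['name']['lastName'] ?? null);
        }
    }
    return ['code' => $post['code'], 'profile' => $profile];
}

// The field is not signed, so treat it as untrusted display data:
// strip control characters and cap the length at 100 characters.
function clean_name($value): ?string
{
    if (!is_string($value)) {
        return null;
    }
    $value = trim((string) preg_replace('/[\x00-\x1F\x7F]/u', '', $value));
    return preg_match('/^.{1,100}/us', $value, $m) === 1 ? $m[0] : null;
}

// Constructed sample of a first-time callback body (what $_POST would hold).
$samplePost = [
    'state' => 'a1b2c3',
    'code'  => 'c_example_code',
    'user'  => '{"name":{"firstName":"Jane","lastName":"Doe"},"email":"jane@example.com"}',
];
$result = parse_apple_callback($samplePost, 'a1b2c3');
echo json_encode($result['profile']), "\n";
```

Store the parsed name against the id_token `sub` the first time it arrives, after verifying the id_token signature, because later sign-ins carry no `user` field.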