Popularity

2.7

Stable

Activity

3.0

Stable

Stars 90

Watchers 6

Forks 31

Last Commit over 1 year ago

Monthly Downloads: 9,323

Programming language: PHP

License: MIT License

Tags: Authentication And Authorization Authentication Apple Jwt Authorization Auth Apple Id Apple Sign In Apple Log In Apple Authentication

Latest version: v1.1.0

Sign in with Apple for PHP alternatives and similar libraries

Based on the "Authentication and Authorization" category.
Alternatively, view Sign in with Apple for PHP alternatives based on common mentions on social networks and blogs.

PHP OAuth 2.0 Server

9.2 8.9 Sign in with Apple for PHP VS PHP OAuth 2.0 Server

A spec compliant, secure by default PHP OAuth 2.0 Server
Json Web Token

9.1 9.0 L5 Sign in with Apple for PHP VS Json Web Token

A simple library to work with JSON Web Token and JSON Web Signature

InfluxDB – Built for High-Performance Time Series Workloads

InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

Promo www.influxdata.com

HybridAuth

8.8 6.2 L3 Sign in with Apple for PHP VS HybridAuth

Open source social sign on PHP Library. HybridAuth goal is to act as an abstract api between your application and various social apis and identities providers such as Facebook, Twitter and Google.
OAuth 2.0 Client

8.6 8.1 L5 Sign in with Apple for PHP VS OAuth 2.0 Client

Easy integration with OAuth 2.0 service providers.
Opauth

7.4 0.0 L5 Sign in with Apple for PHP VS Opauth

Multi-provider authentication framework for PHP
Sentinel

7.2 3.8 L5 Sign in with Apple for PHP VS Sentinel

A framework agnostic authentication & authorization system.
PHP oAuthLib

7.1 0.0 L5 Sign in with Apple for PHP VS PHP oAuthLib

PHP 5.3+ oAuth 1/2 Client Library
TwoFactorAuth

6.6 4.5 L5 Sign in with Apple for PHP VS TwoFactorAuth

PHP library for Two Factor Authentication (TFA / 2FA)
OAuth 1.0 Client

6.1 4.1 L5 Sign in with Apple for PHP VS OAuth 1.0 Client

OAuth 1 Client
Lock

6.0 0.0 L5 Sign in with Apple for PHP VS Lock

A flexible, driver based Acl package for PHP 5.4+
SocialConnect Auth

5.5 5.6 L4 Sign in with Apple for PHP VS SocialConnect Auth

:atom: Social (OAuth1\OAuth2\OpenID\OpenIDConnect) sign with PHP :shipit:
OAuth2 Server

4.8 2.3 Sign in with Apple for PHP VS OAuth2 Server

documentation for the oauth2-server-php library
Aura.Auth

3.3 0.0 Sign in with Apple for PHP VS Aura.Auth

Provides a unified interface to local and remote authentication systems.
Multi-Factor

3.2 0.0 L3 Sign in with Apple for PHP VS Multi-Factor

Vendor-Agnostic Two-Factor Authentication
Hawk

2.4 0.0 L3 Sign in with Apple for PHP VS Hawk

Hawk — A PHP Implementation
TwitterOAuth

2.1 0.0 L4 Sign in with Apple for PHP VS TwitterOAuth

The first PHP Library to support OAuth for Twitter's REST API.
Rinvex Authy PHP Client

1.9 4.8 L5 Sign in with Apple for PHP VS Rinvex Authy PHP Client

Rinvex Authy is a simple wrapper for @Authy TOTP API, the best rated Two-Factor Authentication service for consumers, simplest 2fa Rest API for developers and a strong authentication platform for the enterprise.
TwitterSDK

1.9 1.7 L5 Sign in with Apple for PHP VS TwitterSDK

A simple twitter SDK to interact with Twitter api (1.1)
Sentinel Social

- Sign in with Apple for PHP VS Sentinel Social

A library for social network authentication.

* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.

Do you think we are missing an alternative of Sign in with Apple for PHP or a related project?

Add another 'Authentication and Authorization' Library

Popular Comparisons

README

Sign-in with Apple SDK

Installation

Recommended and easiest way to installing library is through Composer.

composer require azimolabs/apple-sign-in-php-sdk

Requirements

PHP 7.1+
OpenSSL Extension

PHP support

PHP version	Library version
`5.x`	`NOT SUPPORTED`
`> 7.0 <= 7.3`	`1.4.x`
`> 7.4 < 8.0`	`1.5.x`
`> 8.0 & ^7.4`	`2.0.x`

How it works

This description assumes that you already have generated identityToken . Remember that token is valid ONLY for 10 minutes.

The first step to verify the identity token is to generate a public key. To generate public key exponent and modulus values are required. Both information are exposed in Apple API endpoint. Those values differ depending on the algorithm.

The second step is verification if provided identityToken is valid against generated public key. If so we are sure that identityToken wasn't malformed.

The third step is validation if token is not expired. Additionally it is worth to check issuer and audience, examples are shown below.

Basic usage

Once you have cloned repository, make sure that composer dependencies are installed running composer install -o.

$validationData = new ValidationData();
$validationData->setIssuer('https://appleid.apple.com');
$validationData->setAudience('com.azimo');

$appleJwtFetchingService = new Auth\Service\AppleJwtFetchingService(
            new Auth\Jwt\JwtParser(new \Lcobucci\JWT\Token\Parser(new \Lcobucci\JWT\Encoding\JoseEncoder())),
            new Auth\Jwt\JwtVerifier(
                new Api\AppleApiClient(
                    new GuzzleHttp\Client(
                        [
                            'base_uri'        => 'https://appleid.apple.com',
                            'timeout'         => 5,
                            'connect_timeout' => 5,
                        ]
                    ),
                    new Api\Factory\ResponseFactory()
                ),
                new \Lcobucci\JWT\Validation\Validator(),
                new \Lcobucci\JWT\Signer\Rsa\Sha256()
            ),
            new Auth\Jwt\JwtValidator(
                new \Lcobucci\JWT\Validation\Validator(),
                [
                    new \Lcobucci\JWT\Validation\Constraint\IssuedBy('https://appleid.apple.com'),
                    new \Lcobucci\JWT\Validation\Constraint\PermittedFor('com.c.azimo.stage'),
                ]
            ),
            new Auth\Factory\AppleJwtStructFactory()
        );

$appleJwtFetchingService->getJwtPayload('your.identity.token');

If you don't want to copy-paste above code you can paste freshly generated identityToken in tests/E2e/Auth/AppleJwtFetchingServiceTest.php:53 and run tests with simple command php vendor/bin/phpunit tests/E2e.

```shell script $ php vendor/bin/phpunit tests/E2e PHPUnit 9.2.5 by Sebastian Bergmann and contributors.

Random seed: 1594414420

. 1 / 1 (100%)

Time: 00:00.962, Memory: 8.00 MB

OK (1 test, 1 assertion)


## Todo

It is welcome to open a pull request with a fix of any issue:

- [x] Upgrade `phpseclib/phpseclib` to version `3.0.7`
- [x] Upgrade `lcobucci/jwt` to version `4.x`. Reported
  in: [Implicit conversion of keys from strings is deprecated. #2](https://github.com/AzimoLabs/apple-sign-in-php-sdk/issues/2)
- [x] Make library compatible with PHP `7.4.3`. Reported
  in [Uncaught JsonException: Malformed UTF-8 characters](https://github.com/AzimoLabs/apple-sign-in-php-sdk/issues/4)
- [x] Make library compatible with PHP `8.0.0`
- [ ] Refactor \Azimo\Apple\Api\Enum\CryptographicAlgorithmEnum, so algorithms are fetched dynamically from https://appleid.apple.com/auth/keys
- [ ] Create contribution guide

## Miscellaneous

* [JSON web token](https://jwt.io/)
* [Sign in with Apple overwiew](https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/authenticating_users_with_sign_in_with_apple)
* [How backend token verification works](https://sarunw.com/posts/sign-in-with-apple-3/)

# Towards financial services available to all

We’re working throughout the company to create faster, cheaper, and more available financial services all over the
world, and here are some of the techniques that we’re utilizing. There’s still a long way ahead of us, and if you’d like
to be part of that journey, check out our [careers page](https://bit.ly/3vajnu6).