-
php Apple授权登录校验
Apple授权登录校验
github & composer
composer require "simplephp/sign-in-with-apple:1.0.*" -vvv- 1
1. 本地验证(验证 identityToken)
代码如下(示例):
<?php // localAuthCode 方法来本地验证(本地验证无法拿到 access_token/refresh_token等信息,无法主动取消授权) $identityToken = 'xxxx'; $clientID = 'com.xxxx.xxx';// app bundle id $teamID = 'xxxxxxxxxxx'; // 苹果开发中心(https://developer.apple.com/) => Membership => team ID $keyID = 'xxxxxxxxxxxx'; // 苹果开发中心(https://developer.apple.com/) => 在“Certificates, Identifiers & Profiles (英文)”(证书、标识符和描述文件) 中,从侧边栏中选择“Identifiers”(标识符), 在证书配置管理中心,配置Sign In with Apple功能 => 创建则会得到一个私钥,该文件为”AuthKey_{Kid}.p8”,注意保存,其中页面中还有 Key ID // AuthKey_{Kid}.p8 密钥 转化为 .pem 格式密钥, openssl pkcs8 -in AuthKey_KEY_ID.p8 -nocrypt -out AuthKey_KEY_ID.pem $privateKey = <<<EOD -----BEGIN PRIVATE KEY----- xxxxx+9hwuxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx gHr0Wf+7X8Zr2i8XjxxLFY4U/9j/x/xx+cQl7OA/oQaV AUaUQ8mo -----END PRIVATE KEY----- EOD; $authorize = new \Simplephp\Apple\Authorize($clientID, $teamID, $keyID, $privateKey); $data = $authorize->localAuthCode($identityToken);- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
# 结果 { ["iss"]=> string(25) "https://appleid.apple.com" ["aud"]=> string(23) "com.ireadercity.weather" ["exp"]=> int(1656387325) ["iat"]=> int(1656300925) ["sub"]=> string(44) "001505.15c7662da87c48cca328fba2f6304088.0209" ["c_hash"]=> string(22) "lZC-q2D_iRhav0j7-NOfiA" ["email"]=> string(21) "tzqiang1118@gmail.com" ["email_verified"]=> string(4) "true" ["auth_time"]=> int(1656300925) ["nonce_supported"]=> bool(true) }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
2. 远程校验(验证authorizationCode)
代码如下(示例):
<?php // localAuthCode 方法来本地验证(本地验证无法拿到 access_token/refresh_token等信息,无法主动取消授权) $authorizationCode = 'xxxx'; $clientID = 'com.xxxx.xxx';// app bundle id $teamID = 'xxxxxxxxxxx'; // 苹果开发中心(https://developer.apple.com/) => Membership => team ID $keyID = 'xxxxxxxxxxxx'; // 苹果开发中心(https://developer.apple.com/) => 在“Certificates, Identifiers & Profiles (英文)”(证书、标识符和描述文件) 中,从侧边栏中选择“Identifiers”(标识符), 在证书配置管理中心,配置Sign In with Apple功能 => 创建则会得到一个私钥,该文件为”AuthKey_{Kid}.p8”,注意保存,其中页面中还有 Key ID // AuthKey_{Kid}.p8 密钥 转化为 .pem 格式密钥, openssl pkcs8 -in AuthKey_KEY_ID.p8 -nocrypt -out AuthKey_KEY_ID.pem $privateKey = <<<EOD -----BEGIN PRIVATE KEY----- xxxxx+9hwuxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx gHr0Wf+7X8Zr2i8XjxxLFY4U/9j/x/xx+cQl7OA/oQaV AUaUQ8mo -----END PRIVATE KEY----- EOD; $authorize = new \Simplephp\Apple\Authorize($clientID, $teamID, $keyID, $privateKey); $data = $authorize->remoteAuthCode($authorizationCode);- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
# 结果 array(5) { ["access_token"]=> string(64) "xxxx.0.rrvqv.xxx" ["token_type"]=> string(6) "Bearer" ["expires_in"]=> int(3600) ["refresh_token"]=> string(64) "xxx.0.rrvqv.xxx" ["id_token"]=> array(11) { ["iss"]=> string(25) "https://appleid.apple.com" ["aud"]=> string(23) "com.xxx.xxx" ["exp"]=> int(1656399407) ["iat"]=> int(1656313007) ["sub"]=> string(44) "001505.xxxxx.0209" ["at_hash"]=> string(22) "vvEn3RVpGngAm4EKWrLeJw" ["email"]=> string(21) "xxxxx@gmail.com" ["email_verified"]=> string(4) "true" ["auth_time"]=> int(1656312972) ["nonce_supported"]=> bool(true) ["real_user_status"]=> int(2) } }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
3. 刷新 access_token(refreshToken)
代码如下(示例):
<?php // localAuthCode 方法来本地验证(本地验证无法拿到 access_token/refresh_token等信息,无法主动取消授权) $refreshToken = 'xxxx'; $clientID = 'com.xxxx.xxx';// app bundle id $teamID = 'xxxxxxxxxxx'; // 苹果开发中心(https://developer.apple.com/) => Membership => team ID $keyID = 'xxxxxxxxxxxx'; // 苹果开发中心(https://developer.apple.com/) => 在“Certificates, Identifiers & Profiles (英文)”(证书、标识符和描述文件) 中,从侧边栏中选择“Identifiers”(标识符), 在证书配置管理中心,配置Sign In with Apple功能 => 创建则会得到一个私钥,该文件为”AuthKey_{Kid}.p8”,注意保存,其中页面中还有 Key ID // AuthKey_{Kid}.p8 密钥 转化为 .pem 格式密钥, openssl pkcs8 -in AuthKey_KEY_ID.p8 -nocrypt -out AuthKey_KEY_ID.pem $privateKey = <<<EOD -----BEGIN PRIVATE KEY----- xxxxx+9hwuxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx gHr0Wf+7X8Zr2i8XjxxLFY4U/9j/x/xx+cQl7OA/oQaV AUaUQ8mo -----END PRIVATE KEY----- EOD; $authorize = new \Simplephp\Apple\Authorize($clientID, $teamID, $keyID, $privateKey); $data = $authorize->refreshAccessToken($refreshToken);- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
# 结果 array(4) { ["access_token"]=> string(64) "xx.0.rrvqv.xxx" ["token_type"]=> string(6) "Bearer" ["expires_in"]=> int(3600) ["id_token"]=> string(713) "xxxx.xxxx.xx-xxx-xxx" } array(4) { ["access_token"]=> string(64) "xxx.0.rrvqv.xxx" ["token_type"]=> string(6) "Bearer" ["expires_in"]=> int(3600) ["id_token"]=> array(8) { ["iss"]=> string(25) "https://appleid.apple.com" ["aud"]=> string(23) "com.xxxx.xxxx" ["exp"]=> int(1656395074) ["iat"]=> int(1656308674) ["sub"]=> string(44) "001505.xxx.0209" ["at_hash"]=> string(22) "YKKuBovtjP_BJvzPPPk1wQ" ["email"]=> string(21) "xxx@gmail.com" ["email_verified"]=> string(4) "true" } }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
4. 移除授权(refresh_token 或 access_token 类型和值一一对应(remoteAuthCode接口返回))
代码如下(示例):
<?php // localAuthCode 方法来本地验证(本地验证无法拿到 access_token/refresh_token等信息,无法主动取消授权) $accessToken = 'xxxx'; $clientID = 'com.xxxx.xxx';// app bundle id $teamID = 'xxxxxxxxxxx'; // 苹果开发中心(https://developer.apple.com/) => Membership => team ID $keyID = 'xxxxxxxxxxxx'; // 苹果开发中心(https://developer.apple.com/) => 在“Certificates, Identifiers & Profiles (英文)”(证书、标识符和描述文件) 中,从侧边栏中选择“Identifiers”(标识符), 在证书配置管理中心,配置Sign In with Apple功能 => 创建则会得到一个私钥,该文件为”AuthKey_{Kid}.p8”,注意保存,其中页面中还有 Key ID // AuthKey_{Kid}.p8 密钥 转化为 .pem 格式密钥, openssl pkcs8 -in AuthKey_KEY_ID.p8 -nocrypt -out AuthKey_KEY_ID.pem $privateKey = <<<EOD -----BEGIN PRIVATE KEY----- xxxxx+9hwuxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx gHr0Wf+7X8Zr2i8XjxxLFY4U/9j/x/xx+cQl7OA/oQaV AUaUQ8mo -----END PRIVATE KEY----- EOD; $authorize = new \Simplephp\Apple\Authorize($clientID, $teamID, $keyID, $privateKey); $data = $authorize->revokeToken($accessToken);- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
###结果 // 请求apple成功后,不管apple 取消授权成功或失败都是返回空数组 无法判定(可忽略) array(0) { }- 1
- 2
- 3
- 4
-
相关阅读:
基于Spring Boot的中小型医院网站的设计与实现
【一起学Rust | 进阶篇 | Grid库】二维表数据结构——Grid
TypeScript系列之类型 string
Springboot毕设项目基于SpringBoot的抗癌卫士平台的设计与实现3iff1(java+VUE+Mybatis+Maven+Mysql)
Java 类和对象
读书笔记:Effective C++ 2.0 版,条款28(namespace )
Northwestern University-844计算机科学与技术/软件工程-复试注意事项【考研复习】
SpringWeb解析
创维E900-S-普通版-MV100纯净通刷_卡刷固件包
北京/上海/广州/深圳DAMA-CDGA/CDGP数据治理认近期开班
- 原文地址:https://blog.csdn.net/kingstart01/article/details/125486080
