Added leeway usage to README

Author: patrickbussmann

.travis.yml

@@ -6,7 +6,6 @@ matrix:
         - php: 7.0
         - php: 7.1
         - php: 7.2
-        - php: 7.3
         - php: nightly
         - php: hhvm-3.6
           sudo: required
@@ -36,6 +35,8 @@ matrix:
         - php: hhvm-3.12
         - php: hhvm-3.15
         - php: hhvm-nightly
+        - php: 7.3
+        - php: 7.4
 
 before_script:
   - travis_retry composer self-update

CHANGELOG.md

@@ -18,6 +18,16 @@ All Notable changes to `oauth2-apple` will be documented in this file
 ### Security
 - Nothing
 
+## 0.2.3 - 2021-01-05
+
+### Added
+- Using guzzle http instead of file_get_contents [#14](https://github.com/patrickbussmann/oauth2-apple/pull/14)/[#17](https://github.com/patrickbussmann/oauth2-apple/pull/17) (thanks to [jmalinens](https://github.com/jmalinens) and [williamxsp](https://github.com/williamxsp))
+- README no scope instruction [#15](https://github.com/patrickbussmann/oauth2-apple/pull/15) (thanks to [NgSekLong](https://github.com/NgSekLong))
+- README leeway usage [#18](https://github.com/patrickbussmann/oauth2-apple/issues/18) (thanks to [lukequinnell](https://github.com/lukequinnell))
+
+### Fixed
+- Fixed getting first and last name issues [#13](https://github.com/patrickbussmann/oauth2-apple/pull/13) (thanks to [bogdandovgopol](https://github.com/bogdandovgopol))
+
 ## 0.2.1 - 2020-02-13
 
 ### Added

README.md

@@ -32,11 +32,14 @@ Usage is the same as The League's OAuth client, using `\League\OAuth2\Client\Pro
 ### Authorization Code Flow
 
 ```php
+// $leeway is needed for clock skew
+Firebase\JWT\JWT::$leeway = 60;
+
 $provider = new League\OAuth2\Client\Provider\Apple([
     'clientId'          => '{apple-client-id}',
     'teamId'            => '{apple-team-id}', // 1A234BFK46 https://developer.apple.com/account/#/membership/ (Team ID)
     'keyFileId'         => '{apple-key-file-id}', // 1ABC6523AA https://developer.apple.com/account/resources/authkeys/list (Key ID)
-    'keyFilePath'       => '{apple-key-file-path}', // __DIR__ . '/AuthKey_1ABC6523AA.p8' -> Download key above 
+    'keyFilePath'       => '{apple-key-file-path}', // __DIR__ . '/AuthKey_1ABC6523AA.p8' -> Download key above
     'redirectUri'       => 'https://example.com/callback-url',
 ]);
 
@@ -133,7 +136,7 @@ Please see [CONTRIBUTING](https://github.com/patrickbussmann/oauth2-apple/blob/m
 
 - [All Contributors](https://github.com/patrickbussmann/oauth2-apple/contributors)
 
-Template for this repository was the [LinkedIn](https://github.com/thephpleague/oauth2-linkedin). 
+Template for this repository was the [LinkedIn](https://github.com/thephpleague/oauth2-linkedin).
 
 ## License
 

composer.json

@@ -22,11 +22,11 @@
         "league/oauth2-client": "^2.0",
         "ext-json": "*",
         "firebase/php-jwt": "^5.2",
-        "lcobucci/jwt": "^3.3"
+        "lcobucci/jwt": "~3.3.3"
     },
     "require-dev": {
-        "phpunit/phpunit": "~4.0",
-        "mockery/mockery": "~0.9",
+        "phpunit/phpunit": "^4.8|^7.5",
+        "mockery/mockery": "~1.3.3",
         "squizlabs/php_codesniffer": "~2.0",
         "ext-json": "*"
     },

phpunit.xml

@@ -8,13 +8,10 @@
          convertWarningsToExceptions="true"
          processIsolation="false"
          stopOnFailure="false"
-         syntaxCheck="false"
 >
     <logging>
         <log type="coverage-html"
                 target="./build/coverage/html"
-                charset="UTF-8"
-                highlight="false"
                 lowUpperBound="35"
                 highLowerBound="70"/>
           <log type="coverage-clover"

src/Provider/Apple.php

@@ -76,7 +76,7 @@ public function __construct(array $options = [], array $collaborators = [])
      */
     protected function createAccessToken(array $response, AbstractGrant $grant)
     {
-        return new AppleAccessToken($response, $this->getHttpClient());
+        return new AppleAccessToken($this->getHttpClient(), $response);
     }
 
     /**
@@ -210,12 +210,13 @@ public function getAccessToken($grant, array $options = [])
     {
         $signer = new Sha256();
         $time = new \DateTimeImmutable();
+        $expiresAt = $time->modify('+1 Hour');
 
         $token = (new Builder())
             ->issuedBy($this->teamId)
             ->permittedFor('https://appleid.apple.com')
-            ->issuedAt($time)
-            ->expiresAt((clone $time)->modify('+1 Hour'))
+            ->issuedAt($time->getTimestamp())
+            ->expiresAt($expiresAt->getTimestamp())
             ->relatedTo($this->clientId)
             ->withHeader('alg', 'ES256')
             ->withHeader('kid', $this->keyFileId)

src/Token/AppleAccessToken.php

@@ -32,13 +32,14 @@ class AppleAccessToken extends AccessToken
     /**
      * Constructs an access token.
      *
+     * @param ClientInterface $httpClient the http client to use
      * @param array $options An array of options returned by the service provider
      *     in the access token request. The `access_token` option is required.
      * @throws InvalidArgumentException if `access_token` is not provided in `$options`.
      *
      * @throws \Exception
      */
-    public function __construct(array $options = [], $httpClient)
+    public function __construct($httpClient, array $options = [])
     {
         $this->httpClient = $httpClient;
 

test/src/Provider/AppleTest.php

@@ -13,9 +13,10 @@
 use League\OAuth2\Client\Provider\Exception\AppleAccessDeniedException;
 use League\OAuth2\Client\Token\AccessToken;
 use League\OAuth2\Client\Tool\QueryBuilderTrait;
+use PHPUnit\Framework\TestCase;
 use Mockery as m;
 
-class AppleTest extends \PHPUnit_Framework_TestCase
+class AppleTest extends TestCase
 {
     use QueryBuilderTrait;
 
@@ -143,12 +144,13 @@ public function testGetAccessToken()
 	    ]);
         $provider = m::mock($provider);
 
-        $time = new \DateTimeImmutable();
+	    $time = new \DateTimeImmutable();
+        $expiresAt = $time->modify('+1 Hour');
 	    $token = (new Builder())
 		    ->issuedBy('test-team-id')
 		    ->permittedFor('https://appleid.apple.com')
-            ->issuedAt($time)
-            ->expiresAt((clone $time)->modify('+1 Hour'))
+            ->issuedAt($time->getTimestamp())
+            ->expiresAt($expiresAt->getTimestamp())
 		    ->relatedTo('test-client')
 		    ->withClaim('sub', 'test')
 		    ->withHeader('alg', 'RS256')
@@ -213,10 +215,11 @@ public function testNotImplementedGetResourceOwnerDetailsUrl()
 		$this->provider->getResourceOwnerDetailsUrl(new AccessToken(['access_token' => 'hello']));
 	}
 
+    /**
+     * @expectedException \League\OAuth2\Client\Provider\Exception\AppleAccessDeniedException
+     */
 	public function testCheckResponse()
 	{
-		$this->setExpectedException(AppleAccessDeniedException::class, 'invalid_client', 400);
-
 		$class = new \ReflectionClass($this->provider);
 		$method = $class->getMethod('checkResponse');
 		$method->setAccessible(true);

test/src/Token/AppleAccessTokenTest.php

@@ -35,25 +35,25 @@ public function testCreatingAccessToken()
             ->once()
             ->andReturn(['examplekey']);
 
-        $accessToken = new AppleAccessToken([
+        $accessToken = new AppleAccessToken($this->getClient(1), [
             'access_token' => 'access_token',
             'token_type' => 'Bearer',
             'expires_in' => 3600,
             'refresh_token' => 'abc.0.def',
             'id_token' => 'something'
-        ], $this->getClient(1));
+        ]);
         $this->assertEquals('something', $accessToken->getIdToken());
         $this->assertEquals('123.abc.123', $accessToken->getResourceOwnerId());
         $this->assertEquals('access_token', $accessToken->getToken());
     }
 
     public function testCreatingRefreshToken()
     {
-        $refreshToken = new AppleAccessToken([
+        $refreshToken = new AppleAccessToken($this->getClient(0), [
             'access_token' => 'access_token',
             'token_type' => 'Bearer',
             'expires_in' => 3600
-        ], $this->getClient(0));
+        ]);
         $this->assertEquals('access_token', $refreshToken->getToken());
     }