How to validate an ID token signature with Apple as an alternative to Google OAuth2

Hello all, I have created with the Google OAuth API an easy way to validate an ID token signature for debugging by using the tokeninfo endpoint.

To validate an ID token using the tokeninfo endpoint, I make an HTTPS POST or GET request to the endpoint and pass my ID token in the id_token parameter. For example, to validate the token "XYZ123", make the following GET request:

https://oauth2.googleapis.com/tokeninfo?id_token=XYZ123

If the token is properly signed and has the appropriate values, I got an HTTP 200 response (I follow this guide: https://developers.google.com/identity/sign-in/web/backend-auth).

What is the alternative choice within Apple? Any recommendations on how to do the exact same thing for Apple?

Here is an example of my code:

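    $curl = curl_init();

    curl_setopt_array($curl, array(
        // URL-encode the token so its contents cannot alter the query string
        CURLOPT_URL => 'https://oauth2.googleapis.com/tokeninfo?id_token=' . urlencode((string) $request->input('token')),
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_ENCODING => '',
        CURLOPT_MAXREDIRS => 10,
        CURLOPT_TIMEOUT => 10, // a value of 0 would wait indefinitely
        CURLOPT_FOLLOWLOCATION => true,
        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
        CURLOPT_CUSTOMREQUEST => 'GET',
    ));

    $response = curl_exec($curl);
    curl_close($curl);

    // curl_exec() returns false on a transport error; treat that as a failed check
    if ($response === false) {
        return response()->json(['status' => 'fail', 'message' => 'tokeninfo_unreachable']);
    }
    $responseDecoded = json_decode($response);

    if (isset($responseDecoded->error)) // Google authentication failed
    {
        if ($responseDecoded->error == 'invalid_token')
        {
            return response()->json(['status' => 'fail', 'message' => 'invalid_token']);
        }
    }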


Read more here: https://stackoverflow.com/questions/68472517/how-to-validate-an-id-token-signature-with-apple-as-an-alternative-to-google-oau
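An added example, not part of the original post: the same check done locally, verifying the RS256 signature against the issuer's published JWKS and then checking iss, aud and exp. It assumes Apple's key set at https://appleid.apple.com/auth/keys (fetched and cached by the caller) and the issuer https://appleid.apple.com; the helper names, the client ID `com.example.app` and the throwaway demo key are constructed for illustration.

```php
<?php
function b64u_dec(string $s): string { return base64_decode(strtr($s, '-_', '+/')); }
function b64u_enc(string $s): string { return rtrim(strtr(base64_encode($s), '+/', '-_'), '='); }
// Minimal DER TLV encoder, used to wrap the JWK's n and e for OpenSSL.
function der(int $tag, string $body): string {
    $n = strlen($body);
    $lenBytes = ltrim(pack('N', $n), "\0");
    $len = $n < 128 ? chr($n) : chr(0x80 | strlen($lenBytes)) . $lenBytes;
    return chr($tag) . $len . $body;
}

// RSA JWK (n, e) -> SubjectPublicKeyInfo PEM that openssl_verify() accepts.
function jwk_to_pem(array $jwk): string {
    $int = function (string $b64): string {
        $v = ltrim(b64u_dec($b64), "\0");
        return der(0x02, (ord($v[0]) & 0x80 ? "\0" : '') . $v); // keep INTEGER positive
    };
    $rsaKey = der(0x30, $int($jwk['n']) . $int($jwk['e']));
    $algId = der(0x30, der(0x06, "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01") . der(0x05, '')); // rsaEncryption
    $spki = der(0x30, $algId . der(0x03, "\0" . $rsaKey));
    return "-----BEGIN PUBLIC KEY-----\n" . chunk_split(base64_encode($spki), 64, "\n") . "-----END PUBLIC KEY-----\n";
}

// Returns the claims when signature, iss, aud and exp all check out, otherwise null.
function verify_id_token(string $jwt, array $jwks, string $iss, string $aud): ?array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) return null;
    [$h, $p, $s] = $parts;
    $header = json_decode(b64u_dec($h), true);
    if (($header['alg'] ?? '') !== 'RS256') return null; // pin the algorithm, reject "none"/HS256
    foreach ($jwks['keys'] as $jwk) {
        if (($jwk['kid'] ?? null) !== ($header['kid'] ?? '') || ($jwk['kty'] ?? '') !== 'RSA') continue;
        if (openssl_verify("$h.$p", b64u_dec($s), jwk_to_pem($jwk), OPENSSL_ALGO_SHA256) !== 1) return null;
        $c = json_decode(b64u_dec($p), true);
        $ok = is_array($c) && ($c['iss'] ?? '') === $iss && ($c['aud'] ?? '') === $aud && ($c['exp'] ?? 0) > time();
        return $ok ? $c : null;
    }
    return null; // no key with a matching kid
}

// Constructed demo: a throwaway key pair stands in for the provider's signing key.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$rsa = openssl_pkey_get_details($key)['rsa'];
$jwks = ['keys' => [['kty' => 'RSA', 'kid' => 'demo', 'n' => b64u_enc($rsa['n']), 'e' => b64u_enc($rsa['e'])]]];
$h = b64u_enc(json_encode(['alg' => 'RS256', 'kid' => 'demo']));
$p = b64u_enc(json_encode(['iss' => 'https://appleid.apple.com', 'aud' => 'com.example.app', 'exp' => time() + 300]));
openssl_sign("$h.$p", $sig, $key, OPENSSL_ALGO_SHA256);
var_dump(verify_id_token("$h.$p." . b64u_enc($sig), $jwks, 'https://appleid.apple.com', 'com.example.app')); // matching audience
var_dump(verify_id_token("$h.$p." . b64u_enc($sig), $jwks, 'https://appleid.apple.com', 'com.other.app'));   // different audience
```

In a real backend, `$jwks` would be the decoded JSON from the issuer's key endpoint and `$aud` the app's own client ID, so a token issued for another app is rejected.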

Content Attribution

This content was originally published by Mixalis Navridis at Recent Questions - Stack Overflow, and is syndicated here via their RSS feed. You can read the original post over there.
