diff --git a/.travis.yml b/.travis.yml index 0b04942..bf408e1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,7 +6,6 @@ matrix: - php: 7.0 - php: 7.1 - php: 7.2 - - php: 7.3 - php: nightly - php: hhvm-3.6 sudo: required @@ -36,6 +35,8 @@ matrix: - php: hhvm-3.12 - php: hhvm-3.15 - php: hhvm-nightly + - php: 7.3 + - php: 7.4 before_script: - travis_retry composer self-update diff --git a/CHANGELOG.md b/CHANGELOG.md index d961195..9ee5fea 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,16 @@ All Notable changes to `oauth2-apple` will be documented in this file ### Security - Nothing +## 0.2.3 - 2021-01-05 + +### Added +- Using guzzle http instead of file_get_contents [#14](https://github.com/patrickbussmann/oauth2-apple/pull/14)/[#17](https://github.com/patrickbussmann/oauth2-apple/pull/17) (thanks to [jmalinens](https://github.com/jmalinens) and [williamxsp](https://github.com/williamxsp)) +- README no scope instruction [#15](https://github.com/patrickbussmann/oauth2-apple/pull/15) (thanks to [NgSekLong](https://github.com/NgSekLong)) +- README leeway usage [#18](https://github.com/patrickbussmann/oauth2-apple/issues/18) (thanks to [lukequinnell](https://github.com/lukequinnell)) + +### Fixed +- Fixed getting first and last name issues [#13](https://github.com/patrickbussmann/oauth2-apple/pull/13) (thanks to [bogdandovgopol](https://github.com/bogdandovgopol)) + ## 0.2.1 - 2020-02-13 ### Added diff --git a/README.md b/README.md index b1c159c..fd947a5 100644 --- a/README.md +++ b/README.md @@ -32,11 +32,14 @@ Usage is the same as The League's OAuth client, using `\League\OAuth2\Client\Pro ### Authorization Code Flow ```php +// $leeway is needed for clock skew +Firebase\JWT\JWT::$leeway = 60; + $provider = new League\OAuth2\Client\Provider\Apple([ 'clientId' => '{apple-client-id}', 'teamId' => '{apple-team-id}', // 1A234BFK46 https://developer.apple.com/account/#/membership/ (Team ID) 'keyFileId' => '{apple-key-file-id}', // 1ABC6523AA https://developer.apple.com/account/resources/authkeys/list (Key ID) - 'keyFilePath' => '{apple-key-file-path}', // __DIR__ . '/AuthKey_1ABC6523AA.p8' -> Download key above + 'keyFilePath' => '{apple-key-file-path}', // __DIR__ . '/AuthKey_1ABC6523AA.p8' -> Download key above 'redirectUri' => 'https://example.com/callback-url', ]); @@ -133,7 +136,7 @@ Please see [CONTRIBUTING](https://github.com/patrickbussmann/oauth2-apple/blob/m - [All Contributors](https://github.com/patrickbussmann/oauth2-apple/contributors) -Template for this repository was the [LinkedIn](https://github.com/thephpleague/oauth2-linkedin). +Template for this repository was the [LinkedIn](https://github.com/thephpleague/oauth2-linkedin). ## License diff --git a/composer.json b/composer.json index 33ce6f0..e521bb9 100644 --- a/composer.json +++ b/composer.json @@ -22,11 +22,11 @@ "league/oauth2-client": "^2.0", "ext-json": "*", "firebase/php-jwt": "^5.2", - "lcobucci/jwt": "^3.3" + "lcobucci/jwt": "~3.3.3" }, "require-dev": { - "phpunit/phpunit": "~4.0", - "mockery/mockery": "~0.9", + "phpunit/phpunit": "^4.8|^7.5", + "mockery/mockery": "~1.3.3", "squizlabs/php_codesniffer": "~2.0", "ext-json": "*" }, diff --git a/phpunit.xml b/phpunit.xml index 1819eb0..ecca7f4 100644 --- a/phpunit.xml +++ b/phpunit.xml @@ -8,13 +8,10 @@ convertWarningsToExceptions="true" processIsolation="false" stopOnFailure="false" - syntaxCheck="false" > getHttpClient()); + return new AppleAccessToken($this->getHttpClient(), $response); } /** @@ -210,12 +210,13 @@ public function getAccessToken($grant, array $options = []) { $signer = new Sha256(); $time = new \DateTimeImmutable(); + $expiresAt = $time->modify('+1 Hour'); $token = (new Builder()) ->issuedBy($this->teamId) ->permittedFor('https://appleid.apple.com') - ->issuedAt($time) - ->expiresAt((clone $time)->modify('+1 Hour')) + ->issuedAt($time->getTimestamp()) + ->expiresAt($expiresAt->getTimestamp()) ->relatedTo($this->clientId) ->withHeader('alg', 'ES256') ->withHeader('kid', $this->keyFileId) diff --git a/src/Token/AppleAccessToken.php b/src/Token/AppleAccessToken.php index 2603c5f..dd4e41b 100644 --- a/src/Token/AppleAccessToken.php +++ b/src/Token/AppleAccessToken.php @@ -32,13 +32,14 @@ class AppleAccessToken extends AccessToken /** * Constructs an access token. * + * @param ClientInterface $httpClient the http client to use * @param array $options An array of options returned by the service provider * in the access token request. The `access_token` option is required. * @throws InvalidArgumentException if `access_token` is not provided in `$options`. * * @throws \Exception */ - public function __construct(array $options = [], $httpClient) + public function __construct($httpClient, array $options = []) { $this->httpClient = $httpClient; diff --git a/test/src/Provider/AppleTest.php b/test/src/Provider/AppleTest.php index 0fb959e..6d12fae 100644 --- a/test/src/Provider/AppleTest.php +++ b/test/src/Provider/AppleTest.php @@ -13,9 +13,10 @@ use League\OAuth2\Client\Provider\Exception\AppleAccessDeniedException; use League\OAuth2\Client\Token\AccessToken; use League\OAuth2\Client\Tool\QueryBuilderTrait; +use PHPUnit\Framework\TestCase; use Mockery as m; -class AppleTest extends \PHPUnit_Framework_TestCase +class AppleTest extends TestCase { use QueryBuilderTrait; @@ -143,12 +144,13 @@ public function testGetAccessToken() ]); $provider = m::mock($provider); - $time = new \DateTimeImmutable(); + $time = new \DateTimeImmutable(); + $expiresAt = $time->modify('+1 Hour'); $token = (new Builder()) ->issuedBy('test-team-id') ->permittedFor('https://appleid.apple.com') - ->issuedAt($time) - ->expiresAt((clone $time)->modify('+1 Hour')) + ->issuedAt($time->getTimestamp()) + ->expiresAt($expiresAt->getTimestamp()) ->relatedTo('test-client') ->withClaim('sub', 'test') ->withHeader('alg', 'RS256') @@ -213,10 +215,11 @@ public function testNotImplementedGetResourceOwnerDetailsUrl() $this->provider->getResourceOwnerDetailsUrl(new AccessToken(['access_token' => 'hello'])); } + /** + * @expectedException \League\OAuth2\Client\Provider\Exception\AppleAccessDeniedException + */ public function testCheckResponse() { - $this->setExpectedException(AppleAccessDeniedException::class, 'invalid_client', 400); - $class = new \ReflectionClass($this->provider); $method = $class->getMethod('checkResponse'); $method->setAccessible(true); diff --git a/test/src/Token/AppleAccessTokenTest.php b/test/src/Token/AppleAccessTokenTest.php index 1e49e12..892668b 100644 --- a/test/src/Token/AppleAccessTokenTest.php +++ b/test/src/Token/AppleAccessTokenTest.php @@ -35,13 +35,13 @@ public function testCreatingAccessToken() ->once() ->andReturn(['examplekey']); - $accessToken = new AppleAccessToken([ + $accessToken = new AppleAccessToken($this->getClient(1), [ 'access_token' => 'access_token', 'token_type' => 'Bearer', 'expires_in' => 3600, 'refresh_token' => 'abc.0.def', 'id_token' => 'something' - ], $this->getClient(1)); + ]); $this->assertEquals('something', $accessToken->getIdToken()); $this->assertEquals('123.abc.123', $accessToken->getResourceOwnerId()); $this->assertEquals('access_token', $accessToken->getToken()); @@ -49,11 +49,11 @@ public function testCreatingAccessToken() public function testCreatingRefreshToken() { - $refreshToken = new AppleAccessToken([ + $refreshToken = new AppleAccessToken($this->getClient(0), [ 'access_token' => 'access_token', 'token_type' => 'Bearer', 'expires_in' => 3600 - ], $this->getClient(0)); + ]); $this->assertEquals('access_token', $refreshToken->getToken()); }