Oauth2 apple signin on php laravel

Question

I'm still a newbie and want to ask about the task I'm working on, in this case I'm making authentication using oauth2 to be able to access apple api, but i have an error when signin using apple, invalid_client appears, for invalid_client error, I've done the following way:

1. check the client_id used in the http request (doubts) (i've try by changing client_id)
2. adjust the jwt header and jwt payload to the parameters requirements (checked)
3. and check the JWT signature (checked)

of the three steps that I tried, I felt doubt in the script authentication or client id

please tell me where my fault is in the client_id naming or in the script section thank you for the help, sorry for my bad english here I include the script that I use

``

    $provider = new Apple([
        'clientId'      =>  'com.example.example',
        'teamId'        =>  'apple-team-id',
        'keyFileId'     =>  'apple-key-file-id',
        'keyFilePath'   =>  storage_path('apple-key-file-path'),
        'redirectUri'   =>  'http://localhost:8000/Store/Gold_Store/GoldStore-create',
    ]);

    if(!isset($_POST['code'])){

        //jika kita tidak mempunyai authorization code
        $authUrl = $provider->getAuthorizationUrl();
        $_SESSION['oauth2state'] = $provider->getState();
        header('Location: '.$authUrl);

        exit;

    //check given state against previously stored one to mitigate CSRF attack
    } elseif (empty($_POST['state']) || ($_POST['state'] !== $_SESSION['oauth2state'])) {

        unset($_SESSION['oauth2state']);
        exit('Invalid state');

    }else{
        //try to get access token(using the authorization code grant)
        $token = $provider->getAccessToken('authorization_code', [
            'code' => $_POST['code']
        ]);

        //Optional: Now u have a token u can look up a user profile data
        try {
            //we got an access token, lets now get the user's detail
            $user = $provider->getResourceOwner($token);

            //use these details to create a new profile
            printf('hello %s!', $user->getFirstName());

            //refresh token
            $refreshToken = $token->getRefreshToken();
            $refreshTokenExpiration = $token->getRefreshTokenExpires();

        } catch (Exception $e) {
            //Failed to get user details
            exit(':-(');
        }

        //use this to interact with an API on the users behalf
        echo $token->getToken();
    }

this is my json result

``{ "error": "invalid_client" }

Answer 1

invalid_client error mean the client secret is wrong, maybe the issue in how you generate it or the details which you used.

You can check this snipped of code to test PHP apple sign in

https://gist.github.com/ameen-sarsour/e14a1d5bae5b61080dfdd5b1430c3e10