Laravel socialite always return 403 Forbidden for Apple sign in

I am using socialiteproviders/apple in a Laravel project.

I generate the configs steps by steps in What the Heck is Sign In with Apple?

1. Frist, create a new App ID

2. Then, create a new Service ID which use the id from step 1

3. After that, I create a new Key, download the key file and rename to key.txt

4. Finally, follow the blog, I generate a secert by a ruby script

require 'jwt'    key_file = 'key.txt' # generate in step 3  team_id = 'F44385UFF6' # the code on the top-right corner when I logged into Apple Developer account  client_id = 'com.dancikuai.services' # generate in step 2  key_id = '6727J4X286' # generate in step 3    ecdsa_key = OpenSSL::PKey::EC.new IO.read key_file    headers = {      'kid' => key_id  }    claims = {      'iss' => team_id,      'iat' => Time.now.to_i,      'exp' => Time.now.to_i + 86400*180,      'aud' => 'https://appleid.apple.com',      'sub' => client_id,  }    token = JWT.encode claims, ecdsa_key, 'ES256', headers    puts token  

---

After all above, here is my .env

APPLE_CLIENT_ID="com.dancikuai.services"  APPLE_CLIENT_SECRET="generate in step 4 by a ruby script"  

Errors appeneded when I send a request to https://appleid.apple.com/auth/token ask for user's data with code get from apple

I added a Debug Logger in vendor/socialiteproviders/apple/Provider.php getAccessTokenResponse()

\Log::debug([      'headers' => ['Authorization' => 'Basic '.base64_encode($this->clientId.':'.$this->clientSecret)],      'form_params' => $this->getTokenFields($code)  ]);  

Always return 403 Forbidden without any details.

How can I fix this, please! Thanks a lot！

https://stackoverflow.com/questions/65912760/laravel-socialite-always-return-403-forbidden-for-apple-sign-in January 27, 2021 at 12:07PM