How to select valid keys from JWK key set for apple login token verification?

Question

I am trying to validate apple identityToken using API. I am using the firebase/php-jwt library.

I have done the below code.

$access_token = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
$auth_keys = file_get_contents('https://appleid.apple.com/auth/keys');

$public_keys = JWK::parseKeySet(json_decode($auth_keys, true));
$keys = array_keys($public_keys);

$decoded = JWT::decode($access_token, $public_keys[$keys[0]], ['RS256']);
$decoded_array = (array) $decoded;

echo '<pre>' . print_r($decoded_array, true) . '</pre>';

When I run the code the first time it works successfully. but the second time it returns 'Signature verification failed'. so i just changed from $public_keys[$keys[0]] to $public_keys[$keys[1]] so it works. but if I am trying to login again it is not working.

There is any problem with the key selection? I don't know how to select it. I tried lots of searches but I didn't found any proper solution so I hope to get help from here.

Thank you in advance

Answer 1

$access_token = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
list($headb64, $bodyb64, $cryptob64) = explode('.', $access_token);
$header = JWT::jsonDecode(JWT::urlsafeB64Decode($headb64));

$kid = $header->kid;