support Lcobucci-jwt v3.4+

and compatible to the old versions

composer.json

@@ -22,7 +22,7 @@
  "league/oauth2-client": "^2.0",
  "ext-json": "*",
  "firebase/php-jwt": "^5.2",
- "lcobucci/jwt": "^3.3"
+ "lcobucci/jwt": "^3.4.1"
  },
  "require-dev": {
  "phpunit/phpunit": "~4.0",

src/Provider/Apple.php

@@ -7,6 +7,8 @@
 use Lcobucci\JWT\Builder;
 use Lcobucci\JWT\Signer\Ecdsa\Sha256;
 use Lcobucci\JWT\Signer\Key;
+use DateTimeImmutable;
+
 use League\OAuth2\Client\Grant\AbstractGrant;
 use League\OAuth2\Client\Provider\Exception\AppleAccessDeniedException;
 use League\OAuth2\Client\Token\AccessToken;
@@ -208,6 +210,10 @@ protected function createResourceOwner(array $response, AccessToken $token)
  */
  public function getAccessToken($grant, array $options = [])
  {
+ if(class_exists('\Lcobucci\JWT\Configuration')){
+ return $this->getAccessToken34($grant,$options);
+ }
+
  $signer = new Sha256();
  $time = time();
 
@@ -229,6 +235,31 @@ public function getAccessToken($grant, array $options = [])
  return parent::getAccessToken($grant, $options);
  }
 
+ private function getAccessToken34($grant, array $options = [])
+ {
+ $signer = new Sha256();
+ $now = new DateTimeImmutable();
+ $key = Key\LocalFileReference::file($this->keyFilePath);
+ $config = \Lcobucci\JWT\Configuration::forSymmetricSigner($signer, $key);
+
+ $token = $config->builder()
+ ->issuedBy($this->teamId)
+ ->permittedFor('https://appleid.apple.com')
+ ->issuedAt($now)
+ ->expiresAt($now->modify('+10 minute'))
+ ->relatedTo($this->clientId)
+ ->withHeader('alg', 'ES256')
+ ->withHeader('kid', $this->keyFileId)
+ ->getToken($config->signer(), $this->getLocalKey());
+
+ $options += [
+ 'client_secret' => (string) $token
+ ];
+
+ return parent::getAccessToken($grant, $options);
+ }
+
+
  /**
  * @return Key
  */