· 5 years ago · Oct 02, 2020, 06:48 PM
1<?php
2// If this file is called directly, abort.
3if ( ! defined( 'WPINC' ) ) {
4 die;
5}
6
7use Jose\Component\Core\AlgorithmManager;
8use Jose\Component\Core\Converter\StandardConverter;
9use Jose\Component\KeyManagement\JWKFactory;
10use Jose\Component\Signature\Algorithm\ES256;
11use Jose\Component\Signature\JWSBuilder;
12use Jose\Component\Signature\Serializer\CompactSerializer;
13
14class AppleJWTGenerator {
15 /**
16 * Generates an Apple Music JWT for use with their API.
17 */
18 static function generate() {
19
20 $token = get_transient( 'lsap_apple_music_token' );
21
22 if ( empty( $token ) ) {
23 $team_id = 'PYHJN9Z6W2';
24 $key_id = '8NALN5NHP7';
25 $key_file = LSAP_PLUGIN_PATH . 'inc/apple/cert/amk.p8';
26 $expiration_time = HOUR_IN_SECONDS * 24;
27
28 $key = JWKFactory::createFromKeyFile( $key_file );
29 $jsonConverter = new StandardConverter();
30 $algorithmManager = AlgorithmManager::create(
31 [
32 new ES256(),
33 ]
34 );
35
36 $jwsBuilder = new JWSBuilder( $jsonConverter, $algorithmManager );
37 $time = time();
38
39 $payload = $jsonConverter->encode(
40 [
41 'iss' => $team_id,
42 'iat' => $time,
43 'exp' => $time + (int) $expiration_time,
44 ]
45 );
46 $headers = [
47 'alg' => 'ES256',
48 'kid' => $key_id,
49 ];
50
51 $jws = $jwsBuilder
52 ->create()
53 ->withPayload( $payload )
54 ->addSignature( $key, $headers )
55 ->build();
56
57 $serializer = new CompactSerializer( $jsonConverter );
58 $token = $serializer->serialize( $jws );
59
60 set_transient( 'lsap_apple_music_token', $token, HOUR_IN_SECONDS * 20 );
61 }
62
63 return $token;
64 }
65}