this shit is too complicated

[zackAJ]

I wish it was as simple as:

$jwt=jwt_encode($data,$private_key);
$data=jwt_decode($jwt,$private_key);

[Ocramius]

It roughly is:

$key = InMemory::base64Encoded(
    'hiG8DlOKvtih6AxlZn5XKImZ06yu8I3mkOzaJrEuW8yAv8Jnkw330uMt8AEqQ5LB'
);

$token = (new JwtFacade())->issue(
    new Sha256(),
    $key,
    static fn (
        Builder $builder,
        DateTimeImmutable $issuedAt
    ): Builder => $builder
        ->issuedBy('https://api.my-awesome-app.io')
        ->permittedFor('https://client-app.io')
        ->expiresAt($issuedAt->modify('+10 minutes'))
)
->toString();

See https://lcobucci-jwt.readthedocs.io/en/latest/quick-start/

While many types may seem superfluous to you, they are in place to prevent getting burnt by basic mistakes.

[zackAJ]

yeah, I'm sorry I was a bit fed up with Apple Oauth, this one is on me.
apologies for the rant and thank you for the good work.