diff --git a/src/AccessToken/Verify.php b/src/AccessToken/Verify.php index d957908ba..b4c975bfb 100644 --- a/src/AccessToken/Verify.php +++ b/src/AccessToken/Verify.php @@ -91,7 +91,7 @@ public function __construct( * accepted. By default, the id token must have been issued to this OAuth2 client. * * @param string $idToken the ID token in JWT format - * @param string $audience Optional. The audience to verify against JWt "aud" + * @param string $audience Optional. The audience to verify against JWT "aud" * @return array|false the token payload, if successful */ public function verifyIdToken($idToken, $audience = null) diff --git a/src/Client.php b/src/Client.php index 31b3f1d5f..b4d3ce1fc 100644 --- a/src/Client.php +++ b/src/Client.php @@ -443,7 +443,6 @@ public function authorize(ClientInterface $http = null) $this->config['token_callback'] ); } - if ($token = $this->getAccessToken()) { $scopes = $this->prepareScopes(); // add refresh subscriber to request a new token @@ -794,10 +793,11 @@ public function revokeToken($token = null) * @throws LogicException If no token was provided and no token was set using `setAccessToken`. * @throws UnexpectedValueException If the token is not a valid JWT. * @param string|null $idToken The token (id_token) that should be verified. + * @param string|null $audience Optional. The audience to verify against JWT "aud". * @return array|false Returns the token payload as an array if the verification was * successful, false otherwise. */ - public function verifyIdToken($idToken = null) + public function verifyIdToken($idToken = null, string $audience = null) { $tokenVerifier = new Verify( $this->getHttpClient(), @@ -817,7 +817,7 @@ public function verifyIdToken($idToken = null) return $tokenVerifier->verifyIdToken( $idToken, - $this->getClientId() + $audience ?: $this->getClientId() // use the client ID when no audience is supplied ); }