2 files changed, 18 insertions, 14 deletions

diff --git a/src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java b/src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java
index 21254550..df98ee64 100644
--- a/src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java
+++ b/src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java
@@ -30,13 +30,17 @@ public record AppleClientSecretGenerator(String subject, String teamId, String k
     public String getClientSecret() {
         Instant now = Instant.now();
         return Jwts.builder()
-                .setHeaderParam("kid", keyId)
-                .setIssuer(teamId)
-                .setAudience("https://appleid.apple.com")
-                .setIssuedAt(Date.from(now))
-                .setSubject(subject)
-                .setExpiration(Date.from(ZonedDateTime.ofInstant(now, ZoneId.of("UTC")).plusMonths(1).toInstant()))
-                .signWith(signingKey.getKey(), SignatureAlgorithm.ES256)
+                .header()
+                .add("kid", keyId)
+                .and()
+                .issuer(teamId)
+                .audience()
+                .add("https://appleid.apple.com")
+                .and()
+                .issuedAt(Date.from(now))
+                .subject(subject)
+                .expiration(Date.from(ZonedDateTime.ofInstant(now, ZoneId.of("UTC")).plusMonths(1).toInstant()))
+                .signWith(SignatureAlgorithm.ES256, signingKey.getKey())
                 .compact();
     }
 
diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java
index ce9b49d0..9a46f691 100644
--- a/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/src/test/java/com/juick/server/tests/ServerTests.java
@@ -2445,18 +2445,18 @@ public class ServerTests {
     }
 
     @Test
-    public void testAppleClientSecret()
-            throws NoSuchAlgorithmException, IOException, InvalidKeySpecException, NoSuchProviderException {
+    public void testAppleClientSecret() {
         String secret = new String(clientSecretGenerator.getClientSecret().getBytes(), StandardCharsets.UTF_8);
         final java.security.Key publicKey = clientSecretGenerator.getPublicKey();
 
-        Jws<Claims> jwt = Jwts.parserBuilder().setSigningKey(publicKey).build().parseClaimsJws(secret);
+        Jws<Claims> jwt = Jwts.parser()
+                .setSigningKey(publicKey).build().parseClaimsJws(secret);
         assertThat(jwt.getHeader().get("kid"), is("keyid"));
         assertThat(jwt.getHeader().get("alg"), is("ES256"));
-        Claims claims = jwt.getBody();
-        assertThat(claims.get("iss"), is("teamid"));
-        assertThat(claims.get("sub"), is("com.example.app"));
-        assertThat(claims.get("aud"), is("https://appleid.apple.com"));
+        Claims claims = jwt.getPayload();
+        assertThat(claims.getIssuer(), is("teamid"));
+        assertThat(claims.getSubject(), is("com.example.app"));
+        assertThat(claims.getAudience().contains("https://appleid.apple.com"), is(true));
     }
 
     @Test