diff --git a/src/Provider/Apple.php b/src/Provider/Apple.php
index f432b1e..662dfd1 100644
--- a/src/Provider/Apple.php
+++ b/src/Provider/Apple.php
@@ -84,7 +84,7 @@ protected function createAccessToken(array $response, AbstractGrant $grant)
     /**
      * @return string[] Apple's JSON Web Keys
      */
-    private function getAppleKeys()
+    public function getAppleKeys()
     {
         $response = $this->httpClient->request('GET', 'https://appleid.apple.com/auth/keys');
 
diff --git a/src/Token/AppleAccessToken.php b/src/Token/AppleAccessToken.php
index cbb8b9b..5de7bc9 100644
--- a/src/Token/AppleAccessToken.php
+++ b/src/Token/AppleAccessToken.php
@@ -35,11 +35,8 @@ class AppleAccessToken extends AccessToken
      */
     public function __construct(array $keys, array $options = [])
     {
-        if (array_key_exists('refresh_token', $options)) {
-            if (empty($options['id_token'])) {
-                throw new InvalidArgumentException('Required option not passed: "id_token"');
-            }
-
+        if (array_key_exists('id_token', $options)) {
+            $this->idToken = $options['id_token'];
             $decoded = null;
             $last = end($keys);
             foreach ($keys as $key) {
@@ -71,16 +68,11 @@ public function __construct(array $keys, array $options = [])
                 $this->isPrivateEmail = $payload['is_private_email'];
             }
         }
-
-        parent::__construct($options);
-
-        if (isset($options['id_token'])) {
-            $this->idToken = $options['id_token'];
-        }
-
-        if (isset($options['email'])) {
+        else if (isset($options['email'])) {
             $this->email = $options['email'];
         }
+
+        parent::__construct($options);
     }
 
     /**