zatxm/microsoft-entra

PHP version of simple microsoft entra application,including oauth2 login authentication to obtain token,api request

Maintainers

Details

github.com/zatxm/microsoft-entra

Source

Issues

Installs: 272

Dependents: 0

Suggesters: 0

Security: 0

Stars: 4

Watchers: 1

Forks: 0

Open Issues: 0

1.0.0 2023-10-18 04:52 UTC

Requires

MIT 7c8e2c837f61a09e4ddc42ca34fda5f9f2b2dde7

  • zatxm <zatxm120.woop@gmail.com>

httpgraphmicrosoftoauth2.0microsoft entra

This package is auto-updated.

Last update: 2024-09-18 07:07:25 UTC

README

php版简单microsoft entra应用,包括oauth2登录鉴权获取token,api请求

Usage

composer require zatxm/microsoft-entra

1、请求授权代码

/**
 * 请求授权代码
 */
use Zatxm\MicrosoftEntra\OAuth;

$oauth = new OAuth([
    'clientId' => 'xxxx', //应用程序ID
    'clientSecret' => 'xxxx', //应用程序秘钥
    'scope'        => 'openid profile offline_access user.read', //权限内容
    'oauthRedirectUri' => 'http://localhost:9003', //配置的回调地址
    // 鉴权接口地址,默认为以下三个可以不传
    'oauthAuthority'   => 'https://login.microsoftonline.com/common',
    'oauthAuthorizeEndpoint' => '/oauth2/v2.0/authorize',
    'oauthTokenEndpoint'     => '/oauth2/v2.0/token'
]);
// 应该执行跳转此url,它会要求你登录、授权并跳转到回调url
// 跳转到回调url,您应该验证state,state可以通过下面获取
// 回调会返回code,一般10分钟有效,您应该用它来获取token
// 您应该可以存储code和以下的tag,因为他们可用与获取token
$authUrl = $oauth->getAuthorizationUrl();
// tag会返回如['state'=>'xx', 'codeVerifier'=>'xx', 'codeChallenge'=>'xx'];
$tag = $oauth->getTag();

2、获取access token

/**
 * 获取access token
 */
use Zatxm\MicrosoftEntra\OAuth;

$oauth = new OAuth([
    'clientId' => 'xxxx', //应用程序ID
    'clientSecret' => 'xxxx', //应用程序秘钥
    'scope'        => 'openid profile offline_access user.read', //权限内容
    'oauthRedirectUri' => 'http://localhost:9003', //配置的回调地址
]);
// 微软回调返回的code值,有效期一般10分钟
$authorizationCode = 'xx';
// 可以通过上步的tag取得
$codeVerifier = 'xx';
$accessTokenArr = $oauth->getAccessToken($authorizationCode, $codeVerifier);
$accessToken = $accessTokenArr['access_token']; //可能有error错误码

3、请求entra应用api如graph

/**
 * 发送邮件
 */
use Zatxm\MicrosoftEntra\EntraApi;

$accessToken = 'xx'; //上步获取的access token
$graphApiEndpoint = 'https://graph.microsoft.com/v1.0'; //接口地址,可以不传默认就是这个
$api = new EntraApi($accessToken, $graphApiEndpoint);
$api->setAccessToken('xxxx'); //可以设置新的token
$params = [
    'message' => [
        'subject' => '邮件标题',
        'body'    => [
            'contentType' => 'html',
            'content'     => '邮件内容'
        ],
        'toRecipients' => [['emailAddress'=>['address'=>'xxxx']]]
    ],
    'saveToSentItems' => true
];
$res = $api->go('/me/sendMail', $params, 'POST');

4、access token过期可以通过刷新token重新获取

/**
 * 刷新获取access token
 */
use Zatxm\MicrosoftEntra\OAuth;

$oauth = new OAuth([
    'clientId' => 'xxxx', //应用程序ID
    'clientSecret' => 'xxxx', //应用程序秘钥
    'scope'        => 'openid profile offline_access user.read', //权限内容
    'oauthRedirectUri' => 'http://localhost:9003', //配置的回调地址
]);
$refreshToken = 'xx'; //refresh_token
$accessTokenArr = $oauth->getAccessTokenRefresh($refreshToken);
$accessToken = $accessTokenArr['access_token']; //可能有error错误码

License

MIT