Provider.php
<?php
namespace SocialiteProviders\Azure;
use GuzzleHttp\RequestOptions;
use SocialiteProviders\Manager\OAuth2\AbstractProvider;
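/**
 * Socialite OAuth2 provider for Microsoft Azure AD / Entra ID sign-in.
 *
 * Authorization and token requests go to login.microsoftonline.com for the
 * configured tenant (default "common"); the profile is read from Microsoft Graph.
 */
class Provider extends AbstractProvider
{
    /**
     * Unique identifier of this provider.
     */
    public const IDENTIFIER = 'AZURE';

    /**
     * The base Azure Graph URL.
     *
     * @var string
     */
    protected $graphUrl = 'https://graph.microsoft.com/v1.0/me';

    /**
     * Separator placed between scopes.
     *
     * @var string
     */
    protected $scopeSeparator = ' ';

    /**
     * Scopes requested by default.
     *
     * @var array
     */
    protected $scopes = ['User.Read'];

    /**
     * Build the authorization URL on the tenant's v2.0 authorize endpoint.
     *
     * @param  string  $state
     * @return string
     */
    protected function getAuthUrl($state): string
    {
        return $this->buildAuthUrlFromBase($this->getBaseUrl().'/oauth2/v2.0/authorize', $state);
    }

    /**
     * Return the logout endpoint with an optional post_logout_redirect_uri query parameter.
     *
     * The URI is URL-encoded but not validated or allow-listed here, so callers
     * should pass an application-controlled value rather than request input.
     *
     * @param  string|null  $redirectUri  The URI to redirect to after logout, if provided.
     *                                    If not provided, no post_logout_redirect_uri parameter will be included.
     * @return string The logout endpoint URL.
     */
    public function getLogoutUrl(?string $redirectUri = null)
    {
        // NOTE(review): this path has no "/v2.0" segment, unlike the authorize
        // and token endpoints in this class; left unchanged, confirm it is intended.
        $logoutUrl = $this->getBaseUrl().'/oauth2/logout';

        if ($redirectUri === null) {
            return $logoutUrl;
        }

        $query = http_build_query(
            ['post_logout_redirect_uri' => $redirectUri],
            '',
            '&',
            $this->encodingType
        );

        return $logoutUrl.'?'.$query;
    }

    /**
     * Return the tenant's v2.0 token endpoint.
     *
     * @return string
     */
    protected function getTokenUrl(): string
    {
        return $this->getBaseUrl().'/oauth2/v2.0/token';
    }

    /**
     * Exchange an authorization code for an access token.
     *
     * The decoded token response is kept in $this->credentialsResponseBody;
     * it is null when the body is not valid JSON.
     *
     * @param  string  $code
     * @return mixed Whatever parseAccessToken() returns for the response body.
     */
    public function getAccessToken($code)
    {
        $response = $this->getHttpClient()->post($this->getTokenUrl(), [
            RequestOptions::FORM_PARAMS => $this->getTokenFields($code),
            // Honour the configured proxy here as well. The other two HTTP calls
            // in this class already do; without it the code-for-token exchange
            // would be the only request leaving outside the configured egress path.
            RequestOptions::PROXY => $this->getConfig('proxy'),
        ]);

        $this->credentialsResponseBody = json_decode((string) $response->getBody(), true);

        // parseAccessToken() is given the body stream, as before; how it is
        // handled is defined in the parent class.
        return $this->parseAccessToken($response->getBody());
    }

    /**
     * {@inheritdoc}
     */
    protected function getUserByToken($token)
    {
        $response = $this->getHttpClient()->get($this->graphUrl, [
            RequestOptions::HEADERS => [
                'Accept' => 'application/json',
                'Authorization' => 'Bearer '.$token,
            ],
            RequestOptions::PROXY => $this->getConfig('proxy'),
        ]);

        // json_decode() yields null for a body that is not valid JSON.
        return json_decode((string) $response->getBody(), true);
    }

    /**
     * {@inheritdoc}
     */
    protected function mapUserToObject(array $user)
    {
        // 'email' is filled from userPrincipalName and 'mail' from the directory's
        // mail attribute. Neither is a verified e-mail address or a stable key, and
        // the default tenant is "common". Applications should link local accounts
        // on 'id' rather than on 'email' or 'mail'.
        return (new User)->setRaw($user)->map([
            'id' => $user['id'],
            'nickname' => null,
            // Optional profile fields: tolerate an absent key instead of raising
            // an undefined-index warning.
            'name' => $user['displayName'] ?? null,
            'email' => $user['userPrincipalName'],
            'principalName' => $user['userPrincipalName'],
            'mail' => $user['mail'] ?? null,
            'avatar' => null,
        ]);
    }

    /**
     * Get the access token response for the given code.
     *
     * @param  string  $code
     * @return array
     */
    public function getAccessTokenResponse($code)
    {
        $response = $this->getHttpClient()->post($this->getTokenUrl(), [
            RequestOptions::HEADERS => ['Accept' => 'application/json'],
            RequestOptions::FORM_PARAMS => $this->getTokenFields($code),
            RequestOptions::PROXY => $this->getConfig('proxy'),
        ]);

        return json_decode((string) $response->getBody(), true);
    }

    /**
     * Return the login base URL for the configured tenant.
     *
     * The 'tenant' config value is appended unescaped and defaults to "common",
     * so it must come from trusted configuration.
     *
     * @return string
     */
    protected function getBaseUrl(): string
    {
        return 'https://login.microsoftonline.com/'.$this->getConfig('tenant', 'common');
    }

    /**
     * Extra configuration keys this provider reads in addition to the defaults.
     *
     * @return array
     */
    public static function additionalConfigKeys(): array
    {
        return ['tenant', 'proxy'];
    }
}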