-
Notifications
You must be signed in to change notification settings - Fork 26
/
Provider.php
executable file
·138 lines (118 loc) · 3.7 KB
/
Provider.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
<?php
namespace SocialiteProviders\Azure;
use GuzzleHttp\RequestOptions;
use SocialiteProviders\Manager\OAuth2\AbstractProvider;
class Provider extends AbstractProvider
{
public const IDENTIFIER = 'AZURE';
/**
* The base Azure Graph URL.
*
* @var string
*/
protected $graphUrl = 'https://graph.microsoft.com/v1.0/me';
/**
* {@inheritdoc}
*/
protected $scopeSeparator = ' ';
/**
* The scopes being requested.
*
* @var array
*/
protected $scopes = ['User.Read'];
/**
* {@inheritdoc}
*/
protected function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase($this->getBaseUrl().'/oauth2/v2.0/authorize', $state);
}
/**
* Return the logout endpoint with an optional post_logout_redirect_uri query parameter.
*
* @param string|null $redirectUri The URI to redirect to after logout, if provided.
* If not provided, no post_logout_redirect_uri parameter will be included.
* @return string The logout endpoint URL.
*/
public function getLogoutUrl(?string $redirectUri = null)
{
$logoutUrl = $this->getBaseUrl().'/oauth2/logout';
return $redirectUri === null ?
$logoutUrl :
$logoutUrl.'?'.http_build_query(['post_logout_redirect_uri' => $redirectUri], '', '&', $this->encodingType);
}
/**
* {@inheritdoc}
*/
protected function getTokenUrl()
{
return $this->getBaseUrl().'/oauth2/v2.0/token';
}
public function getAccessToken($code)
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
RequestOptions::FORM_PARAMS => $this->getTokenFields($code),
]);
$this->credentialsResponseBody = json_decode((string) $response->getBody(), true);
return $this->parseAccessToken($response->getBody());
}
/**
* {@inheritdoc}
*/
protected function getUserByToken($token)
{
$response = $this->getHttpClient()->get($this->graphUrl, [
RequestOptions::HEADERS => [
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$token,
],
RequestOptions::PROXY => $this->getConfig('proxy'),
]);
return json_decode((string) $response->getBody(), true);
}
/**
* {@inheritdoc}
*/
protected function mapUserToObject(array $user)
{
return (new User)->setRaw($user)->map([
'id' => $user['id'],
'nickname' => null,
'name' => $user['displayName'],
'email' => $user['userPrincipalName'],
'principalName' => $user['userPrincipalName'],
'mail' => $user['mail'],
'avatar' => null,
]);
}
/**
* Get the access token response for the given code.
*
* @param string $code
* @return array
*/
public function getAccessTokenResponse($code)
{
$response = $this->getHttpClient()->post($this->getTokenUrl(), [
RequestOptions::HEADERS => ['Accept' => 'application/json'],
RequestOptions::FORM_PARAMS => $this->getTokenFields($code),
RequestOptions::PROXY => $this->getConfig('proxy'),
]);
return json_decode((string) $response->getBody(), true);
}
/**
* @return string
*/
protected function getBaseUrl(): string
{
return 'https://login.microsoftonline.com/'.$this->getConfig('tenant', 'common');
}
/**
* {@inheritdoc}
*/
public static function additionalConfigKeys()
{
return ['tenant', 'proxy'];
}
}