Office 365 integration
To be able to authenticate with office 365, the plugin needs to be configured with an apiKey and an api secret that can be retrieved in the Microsoft azure panel by registering a new application. A redirect URL will also need to be provided. This URL needs to be your portal URL followed by /o/o365/login. Note that except for localhost tests, the URL is required to be HTTPS.
More info on the application registration is available on Microsoft documentation: https://docs.microsoft.com/fr-fr/graph/auth-register-app-v2
When targeting users in an organizational directory, the organization needs to approve the application for its users before they can be authorized to use it.
The following bundles are required for this module to work:
microsoft-graph-1.4.0.jar http://central.maven.org/maven2/com/microsoft/graph/microsoft-graph/1.4.0/microsoft-graph-1.4.0.jar (not currently a bundle)
The authentication work with a filter hook that listens to the /o/o365/login URL of the portal.
- Whenever a user hit that URL he will be redirected to the office 365 login page
- The user login on the Microsoft site and accept the authorization requested
- The user is sent back to the portal /o/o365/login URL with an authentication code provided
- The filter hook validates that code and get an access token from office 365
- The filter hook save the access token to use it subsequent request
More info is available to understand the office 365 authentication process: https://docs.microsoft.com/fr-fr/azure/active-directory/develop/v1-protocols-openid-connect-code