microsoft / kiota-authentication-phpleague-php

Kiota authentication provider implementation for OAuth with PHPLeague
https://aka.ms/kiota/docs
MIT License

AuthorizationUrl is not correct #73

Open dbrmr opened 6 months ago

dbrmr commented 6 months ago

Hello,

I am trying to upgrade my application to use msgraph-sdk-php v2 and found this issue in this package.

$tokenRequestContext = new AuthorizationCodeContext(
    'tenantId', 'clientId', 'clientSecret', 'authCode', 'redirectUri');

$scopes = ['User.Read'];
$authProvider = new GraphPhpLeagueAuthenticationProvider($tokenRequestContext, $scopes);
$redirectUrl = $authProvider->getAccessTokenProvider()
    ->getOauthProvider()->getAuthorizationUrl();

The authorization url is not correct because of:

  1. AADSTS900144: The request body must contain the following parameter: 'client_id'.
  2. AADSTS900144: The request body must contain the following parameter: 'scope'.
  3. Also, the redirectUri is missing; there is no specific error for this, but it is necessary.

The clientId and redirectId issues could be fixed in the ProviderFactory class when creating the GenericProvider. The scopes issue could be fixed by passing them from the PhpLeagueAccessTokenProvider constructor to ProviderFactory::create, and then to the GenericProvider.

The goal is to have the League\OAuth2\Client\Provider\GenericProvider class fully equipped, which might also require passing the clientSecret to it, but it is not necessary for getAuthorizationUrl().

I can imagine that this fix might not be as simple as I described, but if you could look into it, it would be greatly appreciated.

Thanks!

tarkanaydin commented 1 month ago

PhpLeagueAccessTokenProvider fails to include $scopes in the parameter list of ProviderFactory->create

https://github.com/microsoft/kiota-authentication-phpleague-php/blob/3335c7d47511b4e8b9bb4c38dfecd6e9205a0dae/src/PhpLeagueAccessTokenProvider.php#L94

Also, the ProviderFactory->create method fails to include the necessary data from $tokenRequestContext when creating GenericProvider, as $clientOptions is empty

https://github.com/microsoft/kiota-authentication-phpleague-php/blob/3335c7d47511b4e8b9bb4c38dfecd6e9205a0dae/src/Oauth/ProviderFactory.php#L41-L51

dbrmr commented 1 month ago

> PhpLeagueAccessTokenProvider fails to include $scopes in the parameter list of ProviderFactory->create
>
> https://github.com/microsoft/kiota-authentication-phpleague-php/blob/3335c7d47511b4e8b9bb4c38dfecd6e9205a0dae/src/PhpLeagueAccessTokenProvider.php#L94
>
> Also, the ProviderFactory->create method fails to include the necessary data from $tokenRequestContext when creating GenericProvider, as $clientOptions is empty
>
> https://github.com/microsoft/kiota-authentication-phpleague-php/blob/3335c7d47511b4e8b9bb4c38dfecd6e9205a0dae/src/Oauth/ProviderFactory.php#L41-L51

Thanks for your input.

I ended up giving up on using the PHP SDK, and moved everything talking to the MS Graph to a .NET component.
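
For readers hitting the same AADSTS900144 errors: the sketch below shows a League\OAuth2\Client\Provider\GenericProvider configured directly with the client ID, redirect URI and scopes the issue says are missing, then checks the resulting authorization URL for the required parameters. It is an added example, not code from this thread or from the package; the endpoint URLs, placeholder values and the helper names missingAuthorizationParams() and stateMatches() are assumptions.

```php
<?php
// Added example: not code from this thread or from the kiota package.
// Requires league/oauth2-client, installed with Composer.
require __DIR__ . '/vendor/autoload.php';

use League\OAuth2\Client\Provider\GenericProvider;

/** Returns the authorization-request parameters that are absent or empty in $url. */
function missingAuthorizationParams(string $url): array
{
    parse_str((string) parse_url($url, PHP_URL_QUERY), $query);
    $required = ['client_id', 'response_type', 'redirect_uri', 'scope', 'state'];
    return array_values(array_filter(
        $required,
        static fn (string $name): bool => !isset($query[$name]) || $query[$name] === ''
    ));
}

/** Constant-time comparison of the stored state with the one returned on the callback. */
function stateMatches(string $expected, string $received): bool
{
    return $expected !== '' && hash_equals($expected, $received);
}

// Placeholder values, constructed for illustration.
$tenantId = 'TENANT_ID_PLACEHOLDER';
$provider = new GenericProvider([
    'clientId'                => 'CLIENT_ID_PLACEHOLDER',
    'redirectUri'             => 'https://app.example.test/callback',
    'scopes'                  => ['User.Read'],
    'scopeSeparator'          => ' ', // the library default is ','
    'urlAuthorize'            => "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/authorize",
    'urlAccessToken'          => "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token",
    'urlResourceOwnerDetails' => 'https://graph.microsoft.com/oidc/userinfo',
]);

$authorizationUrl = $provider->getAuthorizationUrl();
$state = $provider->getState(); // keep in the session and check with stateMatches() on the callback

$missing = missingAuthorizationParams($authorizationUrl);
echo $missing === [] ? "authorization URL is complete\n" : 'missing: ' . implode(', ', $missing) . "\n";
```

The same missingAuthorizationParams() check can be pointed at the URL returned by the package's own getOauthProvider()->getAuthorizationUrl() to confirm which parameters are absent before redirecting a user.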