我使用 simple-oauth2 库来获取令牌,但它只有访问令牌和 id 令牌。
如何获取刷新令牌?
我也有同样的问题。 您需要添加范围参数
['offline_access']
在 authUrl
添加:
{access_type:'offline', approval_prompt: 'force'}
这将为您提供刷新令牌
auth_tokens
和 id_token
function refresh_token($token)
{
// Build the form data to post to the OAuth2 token endpoint
$token_request_data = array(
"grant_type" => 'refresh_token',
"refresh_token" => $token,
"redirect_uri" => 'https://login.microsoftonline.com/common/oauth2/token',
"resource" => "https://outlook.office365.com/",
"client_id" => self::$clientId,
"client_secret" => self::$clientSecret
);
// Calling http_build_query is important to get the data
// formatted as Azure expects.
$token_request_body = http_build_query($token_request_data);
error_log("Request body: ".$token_request_body);
$curl = curl_init(self::$authority.self::$tokenUrl);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $token_request_body);
/*custom*/
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
/*custom end*/
$response = curl_exec($curl);
error_log("curl_exec done.");
$httpCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
error_log("Request returned status ".$httpCode);
if ($httpCode >= 400) {
return array('errorNumber' => $httpCode,
'error' => 'Token request returned HTTP error '.$httpCode);
}
// Check error
$curl_errno = curl_errno($curl);
$curl_err = curl_error($curl);
if ($curl_errno) {
$msg = $curl_errno.": ".$curl_err;
error_log("CURL returned an error: ".$msg);
return array('errorNumber' => $curl_errno,
'error' => $msg);
}
curl_close($curl);
// The response is a JSON payload, so decode it into
// an array.
$json_vals = json_decode($response, true);
error_log("TOKEN RESPONSE:");
foreach ($json_vals as $key=>$value) {
error_log(" ".$key.": ".$value);
}
return $json_vals;
}
刷新令牌由授权服务器颁发,由授权服务器自行决定是否颁发。既然您提到了 Outlook API,您可以使用 Microsoft Graph API 来获取刷新令牌。
请查看以下链接:Outlook 开发中心、Microsoft Graph API,了解有关如何获取 Outlook API 刷新令牌的详细信息。