我已经编写了使用 Azure AD 登录的代码,它工作正常,但是当我将其重定向到下一页时,会话变量的值变空,我已粘贴代码以供参考。
$appid = "xxxxxxxxxxxx"; //(MASKING DATA FOR OBVIOUS REASONS)
$tennantid = "xxxxxxxxxxxx"; //(MASKING DATA FOR OBVIOUS REASONS)
$secret = "xxxxxxxxxxxx"; //(MASKING DATA FOR OBVIOUS REASONS)
$login_url = "https://login.microsoftonline.com/" . $tennantid . "/oauth2/v2.0/authorize";
session_start();
$_SESSION['state'] = session_id();
echo "MS OAuth2.0 Demo ";
if (isset($_SESSION['msatg'])) {
echo "Authenticated " . $_SESSION["uname"] . " ";
echo 'Log Out';
} else {
echo 'You can Log In with Microsoft';
}
if (isset($_GET['action']) && $_GET['action'] == 'login') {
$params = array('client_id' => $appid, 'redirect_uri' => 'https://abc.xyz.com/sso/', 'response_type' => 'token', 'response_mode' => 'form_post', 'scope' => 'https://graph.microsoft.com/User.Read', 'state' => $_SESSION['state']);
header('Location: ' . $login_url . '?' . http_build_query($params));
}
if (array_key_exists('access_token', $_POST)) {
$_SESSION['t'] = $_POST['access_token'];
$t = $_SESSION['t'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer ' . $t,
'Content-type: application/json'
));
curl_setopt($ch, CURLOPT_URL, "https://graph.microsoft.com/v1.0/me/");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$rez = json_decode(curl_exec($ch), 1);
if (array_key_exists('error', $rez)) {
var_dump($rez);
die();
} else {
$_SESSION['msatg'] = 1; //auth and verified
$_SESSION['uname'] = $rez["displayName"];
$_SESSION['id'] = $rez["id"];
}
curl_close($ch);
header('Location: https://abc.xyz.com/sso/welcome.php');
}
if (isset($_GET['action']) && $_GET['action'] == 'logout') {
unset($_SESSION['msatg']);
header('Location: https://abc.xyz.com/sso/');
}
当它被重定向到welcome.php页面时,当我var_dump $_SESSION时,它会给我一个空的会话数组;
我希望我的会话数据能够反映在welcome.php页面上
有人可以解释一下我做错了什么吗?
在这里,我使用了
ob_start()
和 ob_end_flush()
输出缓冲有时会干扰会话数据。
代码:
<?php
ob_start();
session_start();
$appid = "<client_id>";
$tennantid = "<tenant_id>";
$secret = "<client_secret>";
$login_url = "https://login.microsoftonline.com/" . $tennantid . "/oauth2/v2.0/authorize";
$_SESSION['state'] = session_id();
if (isset($_SESSION['msatg'])) {
echo "Authenticated " . $_SESSION["uname"] . " ";
echo '<a href="?action=logout">Log Out</a>';
} else {
echo "MS OAuth2.0 Demo ";
echo '<a href="?action=login">Log In with Microsoft</a>';
}
if (isset($_GET['action']) && $_GET['action'] == 'login') {
$params = array(
'client_id' => $appid,
'redirect_uri' => 'https://abc.xyz.com/sso/',
'response_type' => 'token',
'response_mode' => 'form_post',
'scope' => 'https://graph.microsoft.com/User.Read',
'state' => $_SESSION['state']
);
header('Location: ' . $login_url . '?' . http_build_query($params));
exit();
}
if (isset($_POST['access_token'])) {
$_SESSION['t'] = $_POST['access_token'];
$t = $_SESSION['t'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer ' . $t,
'Content-type: application/json'
));
curl_setopt($ch, CURLOPT_URL, "https://graph.microsoft.com/v1.0/me/");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$rez = json_decode(curl_exec($ch), true);
if (isset($rez['error'])) {
var_dump($rez);
die();
} else {
$_SESSION['msatg'] = 1;
$_SESSION['uname'] = $rez["displayName"];
$_SESSION['id'] = $rez["id"];
}
curl_close($ch);
header('Location: https://abc.xyz.com/sso/welcome.php');
exit();
}
if (isset($_GET['action']) && $_GET['action'] == 'logout') {
unset($_SESSION['msatg']);
header('Location: https://abc.xyz.com/sso/');
exit();
}
ob_end_flush();
?>
我将以下 URL 添加到应用程序重定向 URL,如下所示,
输出:
运行成功如下,
我得到了以下输出和上面的输出 URL。然后,我单击使用 Microsoft 登录,如下所示,
我已使用以下帐户登录,
下面是我可以检索的数据,这就是会话在 PHP 配置中的工作方式。