我正在开发一个 Laravel 项目,使用 Socialite 来使用 Microsoft 帐户对用户进行身份验证和登录。我已在 Azure 门户中使用“支持的帐户类型:所有 Microsoft 帐户用户”设置创建了一个应用程序。身份验证过程运行良好,我可以成功获取基本的用户详细信息,例如 ID、姓名和电子邮件。 但是,我无法使用 Microsoft Azure Active Directory 检索用户的广告帐户和 Merchant Center 信息。我已检查 Azure 门户,但找不到必要的 API 权限/范围,例如
ads.manage
。我想知道如何启用这些权限并正确配置我的 Azure 应用程序以获取所需的数据。
<?php
namespace SocialiteProviders\Microsoft;
use Illuminate\Support\Arr;
use GuzzleHttp\RequestOptions;
use Illuminate\Support\Facades\Log;
use GuzzleHttp\Exception\ClientException;
use SocialiteProviders\Manager\OAuth2\AbstractProvider;
use SocialiteProviders\Microsoft\MicrosoftUser as User;
class Provider extends AbstractProvider
{
public const IDENTIFIER = 'MICROSOFT';
protected const DEFAULT_FIELDS_USER = ['id', 'displayName', 'userPrincipalName'];
protected const DEFAULT_FIELDS_ADS_ACCOUNTS = ['id', 'name', 'customerId'];
protected const DEFAULT_FIELDS_MERCHANT_ACCOUNTS = ['id', 'name'];
protected $scopes = [
'https://graph.microsoft.com/User.Read',
'https://ads.microsoft.com/msads.manage',
'offline_access',
];
protected function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase(
'https://login.microsoftonline.com/common/oauth2/v2.0/authorize',
$state
);
}
protected function getTokenUrl()
{
return 'https://login.microsoftonline.com/common/oauth2/v2.0/token';
}
protected function getUserByToken($token)
{
$user = $this->getUserData($token, 'https://graph.microsoft.com/v1.0/me', self::DEFAULT_FIELDS_USER);
if (!$user) {
return [];
}
try {
$adsAccounts = $this->getUserData($token, 'https://ads.microsoft.com/api/v13/accounts', self::DEFAULT_FIELDS_ADS_ACCOUNTS);
} catch (ClientException $e) {
Log::error('Failed to fetch ads accounts', ['exception' => $e, 'user' => $user]);
$adsAccounts = [];
}
try {
$merchantAccounts = $this->getUserData($token, 'https://marketing.microsoft.com/rest/v1/merchantcenters', self::DEFAULT_FIELDS_MERCHANT_ACCOUNTS);
} catch (ClientException $e) {
Log::error('Failed to fetch merchant accounts', ['exception' => $e, 'user' => $user]);
$merchantAccounts = [];
}
$user['adsAccounts'] = $adsAccounts;
$user['merchantAccounts'] = $merchantAccounts;
return $user;
}
protected function mapUserToObject(array $user)
{
return (new User())->setRaw($user)->map([
'id' => $user['id'],
'nickname' => null,
'name' => $user['displayName'],
'email' => $user['userPrincipalName'],
'avatar' => Arr::get($user, 'avatar'),
'adsAccounts' => Arr::get($user, 'adsAccounts'),
'merchantAccounts' => Arr::get($user, 'merchantAccounts'),
'tenant' => Arr::get($user, 'tenant'),
]);
}
protected function getTokenFields($code)
{
return array_merge(parent::getTokenFields($code), [
'scope' => $this->formatScopes($this->getScopes(), $this->scopeSeparator),
]);
}
public static function additionalConfigKeys()
{
return ['tenant', 'include_tenant_info', 'include_avatar', 'include_avatar_size', 'fields', 'tenant_fields'];
}
protected function getUserData($token, $url, $fields)
{
$response = $this->getHttpClient()->get($url, [
RequestOptions::HEADERS => [
'Accept' => 'application/json',
'Authorization' => 'Bearer ' . $token,
],
RequestOptions::QUERY => [
'$select' => implode(',', $fields),
],
]);
$data = json_decode((string) $response->getBody(), true);
if (!$data) {
return [];
}
return $data;
}
}
'microsoft' => [
'client_id' => env('MICROSOFT_CLIENT_ID'),
'client_secret' => env('MICROSOFT_CLIENT_SECRET'),
'tenant_id' => env('MICROSOFT_TENANT_ID'),
'redirect' => env('MICROSOFT_REDIRECT_URI'),
'tenant' => 'common',
'include_tenant_info' => true,
],
MICROSOFT_CLIENT_ID=*****
MICROSOFT_CLIENT_SECRET=***
MICROSOFT_TENANT_ID=**
MICROSOFT_REDIRECT_URI=https://infinitemsfeed.com/microsoft/auth
public function redirectToMicrosoft()
{
return Socialite::driver('microsoft')->redirect();
}
public function handleMicrosoftCallback()
{
// return "abcdefghi";
$user = Socialite::driver('microsoft')->user();
return $user;
}
const handleMicrosoftLogin = () => {
window.open("https://infinitemsfeed.com/auth/microsoft?token=" + window.sessionToken, "_blank")
}
在搜索字段中搜索
App Registerations
。在该页面上,您可以创建所需的 CLIENT_ID、CLIENT_SECRET 和 REDIRECT_URI。
旁注:也许您应该考虑使用这个包
composer require socialiteproviders/microsoft