Skip to content

infoxchange/oidc-aad-php-library

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 
contributing.md
contributing.md
 
 
phpunit.xml
phpunit.xml
 
 

Repository files navigation

Azure Active Directory Authentication Code Sample for PHP

This code sample for PHP demonstrates authentication with Microsoft Azure AD, including industry standard protocol support for OAuth2, Web API integration with user level consent, and two factor authentication support.

Installation

To install this library:

git clone [email protected]:jamesmcq/oidc-aad-php-library.git

This library is mostly self-contained, however it uses PSR-4 for autoloading, and PHPUnit for unit testing. You can use Composer to install PHPUnit and generate a PSR-4 autoloader.

  1. See https://getcomposer.org/ for information on how to install composer on your system.
  2. Run php composer.phar install to install PHPUnit and generate a PSR-4 autoloader.
  3. You can then use the Composer autoloader by requiring the vendor/autoload.php file in your scripts.

Usage

Construct an HttpClient object:

$httpclient = new \remotelearner\aadsample\HttpClient;

Construct a storage object. A storage object needs to implement the \remotelearner\aadsample\OIDC\StorageInterface interface. Currently, two sample implementations are available under remotelearner\aadsample\OIDC\StorageProviders namespace - SQLite and Session, but you may need to implement this class yourself based on your storage needs or environment. Initialize SQLite storage provider (as shown in samples folder):

$storage = new \remotelearner\aadsample\OIDC\StorageInterface\SQLite(__DIR__.'/storagedb.sqlite');

or initialize the Session storage provider:

$storage = new \remotelearner\aadsample\OIDC\StorageInterface\Session();

Construct the AzureAD client class using the $httpclient and $storage instances.

$client = new \remotelearner\aadsample\AAD\Client($httpclient, $storage);

Set your client ID, client secret, and redirect URI.

$client->set_clientid($clientid);
$client->set_clientsecret($clientsecret);
$client->set_redirecturi($redirecturi);

You client is now ready to use.

To initiate an authorization request:

$client->authrequest();

To handle an authorization request response (this should be in your redirect URI page):

list($idtoken, $tokenparams, $stateparams) = $client->handle_auth_response($_REQUEST);

To perform a resource-owner credentials request:

$returned = $client->rocredsrequest($_POST['username'], $_POST['password']);
$idtoken = \remotelearner\aadsample\AAD\IDToken::instance_from_encoded($returned['id_token']);

To get user information from an IDToken, call ->claim() on the $idtoken object. This returns OpenID Connect claims:

$idtoken->claim('name');
$idtoken->claim('upn');

Samples and Documentation

The samples folder contains a sample implementation of the library demonstrating basic authentication in several different ways.

Contributing

All code is licensed under the MIT license and we triage actively on GitHub. We enthusiastically welcome contributions and feedback. You can fork the repo and start contributing now. More details about contributing.

License

Copyright (c) Microsoft Corporation. Licensed under the MIT License.

About

No description, website, or topics provided.

Resources

Readme

License

View license
Activity
Custom properties

Stars

0 stars

Watchers

9 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • PHP 100.0%