wishtreehkumar / azureadsso
Azure Active Directory SSO login flow
dev-master
2022-11-21 09:56 UTC
Requires
- php: ^7.3|^8.0|^8.1
- illuminate/http: ^7.0|^8.0|^9.0
- illuminate/support: ^7.0|^8.0|^9.0
- phpseclib/phpseclib: 2.0.31
This package is auto-updated.
Last update: 2024-09-21 14:07:53 UTC
README
This package helps you easily implement Azure Active Directory SSO login and Graph API access.
Installation
composer require wishtreehkumar/azureadsso
Edit the configuration file
php artisan vendor:publish --provider="Wishtreehkumar\Azureadsso\ServiceProvider" --tag="config"
How to use
Set up .env
AZURE_AD_CLIENT_SECRET=--
AZURE_AD_CLIENT_ID=--
AZURE_AD_TENANT_ID=--
AZURE_AD_TENANT_NAME=--
AZURE_AD_POLICY_NAME=--
AZURE_AD_CALLBACK_URI=--
Generate a password
use Wishtreehkumar\Azureadsso\Facades\AzureAD;
$password = AzureAD::generatePassword();
Generate the login URL
- There are two types of Azure AD:
  - b2c
  - normal
$url = AzureAD::generateLoginUrl('b2c');
return redirect()->away($url);
Validate the id_token in the callback URL
$azureAd = AzureAD::construct($request->id_token, 'b2c');
if ($azureAd->isAuthenticated()) {
    $azurePayload = $azureAd->getPayload();
}
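As an added example (not part of the package or its README): the page does not say which claims isAuthenticated() checks, so this function re-checks audience, issuer tenant, lifetime and, for B2C, the policy on the decoded payload. It assumes getPayload() yields the claim set and that it is cast to an array before the call; checkIdTokenClaims and all sample values are hypothetical.

```php
<?php
// Added example: extra claim checks on an already signature-verified id_token payload.
// Assumption: $claims is the decoded JWT claim set as an associative array.
function checkIdTokenClaims(array $claims, string $clientId, string $tenantId,
    ?string $policy = null, int $leeway = 60, ?int $now = null): array
{
    $now = $now ?? time();
    $errors = [];

    // aud must contain this application's client ID (AZURE_AD_CLIENT_ID).
    if (!in_array($clientId, (array) ($claims['aud'] ?? []), true)) {
        $errors[] = 'aud does not match the client ID';
    }

    // iss must be an https URL with the tenant ID (AZURE_AD_TENANT_ID) as a path segment.
    $iss = parse_url((string) ($claims['iss'] ?? '')) ?: [];
    $segments = explode('/', strtolower(trim($iss['path'] ?? '', '/')));
    if (($iss['scheme'] ?? '') !== 'https' || !in_array(strtolower($tenantId), $segments, true)) {
        $errors[] = 'iss is not an https issuer for the expected tenant';
    }

    // exp is required; nbf is honoured when present. $leeway absorbs clock skew.
    if (!is_numeric($claims['exp'] ?? null) || $now > (int) $claims['exp'] + $leeway) {
        $errors[] = 'exp is missing or in the past';
    }
    if (is_numeric($claims['nbf'] ?? null) && $now + $leeway < (int) $claims['nbf']) {
        $errors[] = 'nbf is in the future';
    }

    // B2C only: the policy claim (tfp, or acr) must match AZURE_AD_POLICY_NAME.
    if ($policy !== null
        && strcasecmp((string) ($claims['tfp'] ?? $claims['acr'] ?? ''), $policy) !== 0) {
        $errors[] = 'token was issued by an unexpected policy';
    }
    return $errors; // an empty array means every check passed
}

// Constructed sample values (placeholders, not real identifiers).
$clientId = '11111111-1111-1111-1111-111111111111';
$tenantId = '22222222-2222-2222-2222-222222222222';
$claims = [
    'aud' => $clientId,
    'iss' => "https://contoso.b2clogin.com/$tenantId/v2.0/",
    'exp' => 1700003600, 'nbf' => 1700000000, 'tfp' => 'B2C_1_signin',
];
var_dump(checkIdTokenClaims($claims, $clientId, $tenantId, 'B2C_1_signin', 60, 1700000100));
$claims['aud'] = '33333333-3333-3333-3333-333333333333'; // token minted for another app
var_dump(checkIdTokenClaims($claims, $clientId, $tenantId, 'B2C_1_signin', 60, 1700000100));
```

For the 'normal' type, pass null as the policy so the tfp/acr check is skipped.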
Call the Graph API
$grapApi = AzureAD::graphApi($method, $endPoint, $body);
Example: create a B2C user
$dataBody = [
    'accountEnabled' => true,
    'displayName' => "Your Company",
    'identities' => [
        [
            'signInType' => 'emailAddress',
            'issuer' => 'your_tenet.onmicrosoft.com',
            'issuerAssignedId' => 'your_email@example.com',
        ],
    ],
    'passwordProfile' => [
        'password' => $password,
        'forceChangePasswordNextSignIn' => false,
    ],
    'passwordPolicies' => 'DisablePasswordExpiration',
];
$grapApi = AzureAD::graphApi('post', 'users', $dataBody);
dd($grapApi->object());