![]() At this point socialite or league/oauth are out of the picture. To a point, SSO can make this easier by creating the migrations you need to store those elements and storing them as they are acquired but you'll use the microsoft-graph package to work with graphapi directly. $token is the token you receive from granting consent, getting an authorization code, using that authorization code to get a token, which you should have saved in your table. Where $url might be something like /v1.0/me/messages/?$top=50 to list out MY top 50 email messages. $reponse = $graph->createResponse('GET', $url)->create() The microsoft-graph package allows you to easily work with the graphapi environment by creating a new graph() object, and calling the url as needed. Then start adding apps per the graph api documentation and your needs. Setup code to refresh the token regularly as your auth code and token will expire and may require consent repeatedly. I would start small, just setup basic auth and ensure you can get your tokens and save them. With oAuth and consent pages, the system has to be able to redirect back to something valid. You'll need a public domain with SSL or localhost domain for testing only. This will handle the API side of things by providing you with urls and callbacks for oAuth to work. This includes adding scope for the apps you'll need access to such as mail.read or user.read to allow your application to read mail or the user's profile. ![]() (it's a helpdesk service we provide)įirst, create an Azure AD application to handle / define your application's needs. In our situation, we needed these in a more global sense to read in messages from a shared mailbox and we don't particularly care about users and not all users have an office365 account as our clients don't like paying for our employees to have office365 accounts under their account. ![]() You can use league\oauth to handle your consent page and store your authorization code, token, and refresh token in your user table or other table as needed. Whether that's a good thing or bad thing is up to you. ![]() Bear in mind IT departments, security departments, and internet tolls may not like this but its entirely doable. You can use 2 packages, League\OAuth and Microsoft\Microsoft-Graph. Having SSO can be a nice feature for your users but it's not strictly required and in some scenarios impossible. You don't necessarily need the SSO side of things. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |