Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AuthorizationUrl is not correct #28

Open
dbrmr opened this issue Feb 23, 2024 · 2 comments
Open

AuthorizationUrl is not correct #28

dbrmr opened this issue Feb 23, 2024 · 2 comments
Assignees
@shemogumbe

Comments

@dbrmr
Copy link

dbrmr commented Feb 23, 2024
edited
Loading

Hello,

I am trying to upgrade my application to use msgraph-sdk-php v2 and found this issue in this package.

$tokenRequestContext = new AuthorizationCodeContext(
    'tenantId', 'clientId', 'clientSecret', 'authCode', 'redirectUri');

$scopes = ['User.Read'];
$authProvider = new GraphPhpLeagueAuthenticationProvider($tokenRequestContext, $scopes);
$redirectUrl = $authProvider->getAccessTokenProvider()
    ->getOauthProvider()->getAuthorizationUrl();

The authorization url is not correct because of:

  1. AADSTS900144: The request body must contain the following parameter: 'client_id'.
  2. AADSTS900144: The request body must contain the following parameter: 'scope'.
  3. Also the redirectUri is missing, there is no specific error for this, but it is necessary.

The clientId and redirectId issues could be fixed in the ProviderFactory class when creating the GenericProvider.
The scopes issue could be fixed in the PhpLeagueAccessTokenProvider constructor and pass them to the ProviderFactory::create, and then to the GenericProvider.

The goal is to have the League\OAuth2\Client\Provider\GenericProvider class fully equipped, which might also require passing the clientSecret to it, but it is not necessary for getAuthorizationUrl().

I can imagine that this fix might not be as simple as I described, but if you could look into it, it would be greatly appreciated.

Thanks!
@tarkanaydin
Copy link

PhpLeagueAccessTokenProvider is missing to include $scopes in parameter list of ProviderFactory->create

https://github.com/microsoft/kiota-authentication-phpleague-php/blob/3335c7d47511b4e8b9bb4c38dfecd6e9205a0dae/src/PhpLeagueAccessTokenProvider.php#L94

Also, ProviderFactory->create method is missing to include neccesary data that $tokenRequestContext when creating GenericProvider as $clientOptions is empty

https://github.com/microsoft/kiota-authentication-phpleague-php/blob/3335c7d47511b4e8b9bb4c38dfecd6e9205a0dae/src/Oauth/ProviderFactory.php#L41-L51

@dbrmr
Copy link
Author

dbrmr commented Aug 17, 2024

PhpLeagueAccessTokenProvider is missing to include $scopes in parameter list of ProviderFactory->create

https://github.com/microsoft/kiota-authentication-phpleague-php/blob/3335c7d47511b4e8b9bb4c38dfecd6e9205a0dae/src/PhpLeagueAccessTokenProvider.php#L94

Also, ProviderFactory->create method is missing to include neccesary data that $tokenRequestContext when creating GenericProvider as $clientOptions is empty

https://github.com/microsoft/kiota-authentication-phpleague-php/blob/3335c7d47511b4e8b9bb4c38dfecd6e9205a0dae/src/Oauth/ProviderFactory.php#L41-L51

Thanks for your input.

I ended giving up on using the php sdk, and moved everything talking to the MS Graph to a .NET component.

@Ndiritu Ndiritu transferred this issue from microsoft/kiota-authentication-phpleague-php Feb 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@shemogumbe shemogumbe

Labels
None yet
Projects
Kiota
Status: New📃
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dbrmr @shemogumbe @tarkanaydin