azure Kiota MS Graph SDK for PHP中的刷新令牌

xwmevbvl  于 2023-06-24  发布在  PHP
关注(0)|答案(1)|浏览(111)

我有Kiota SDK beta MS Graphch PHP与授权代码。我不知道如何添加刷新令牌,因为现在在每个重新加载页面应用程序需要新的认证代码。是否可以添加刷新令牌?

$tokenRequestContext = new AuthorizationCodeContext(
    'tenantId',
    'clientId',
    'clientSecret',
    'authCode',
    'redirectUri'
);

$scopes = ['User.Read', 'Mail.ReadWrite'];
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$user = $graphServiceClient->users()->byUserId('[userPrincipalName]')->get()->wait();
disbfnqx

disbfnqx1#

注意:若要添加或生成刷新令牌,Azure AD应用程序必须授予**offline_access * API权限。

我创建了一个Azure AD应用程序并授予API权限,如下所示:

现在,我使用下面的端点生成了auth-code

https://login.microsoftonline.com/TenantID/oauth2/v2.0/authorize?
&client_id=ClientID
&response_type=code
&redirect_uri=https://jwt.ms
&response_mode=query
&scope=user.read Mail.ReadWrite offline_access
&state=12345

通过Postman使用以下参数成功生成访问令牌和刷新令牌

https://login.microsoftonline.com/TenantID/oauth2/v2.0/token

client_id:ClientID
grant_type:authorization_code
scope:user.read Mail.ReadWrite offline_access
code:code
redirect_uri:https://jwt.ms
client_secret:ClientSecret

您可以使用刷新令牌**刷新访问令牌,如下所示:

https://login.microsoftonline.com/TenantID/oauth2/v2.0/token

client_id:ClientID
grant_type:refresh_token
refresh_token:refresh_token
client_secret:ClientSecret

修改代码,增加API权限,如下所示:

$tokenRequestContext = new AuthorizationCodeContext(
    'tenantId',
    'clientId',
    'clientSecret',
    'authCode',
    'redirectUri'
);

$scopes = ['User.Read', 'Mail.ReadWrite', 'offline_access];
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$user = $graphServiceClient->users()->byUserId('[userPrincipalName]')->get()->wait();

相关问题