1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
<?php
if ( ! defined( 'ABSPATH' ) ) {
exit; // Exit if accessed directly
}
if (! class_exists ( "PostmanMicrosoftAuthenticationManager" )) {
require_once 'PostmanAbstractAuthenticationManager.php';
/**
* https://msdn.microsoft.com/en-us/library/hh243647.aspx (Seems to be the most up-to-date doc on OAuth 2.0
* https://msdn.microsoft.com/en-us/library/hh243649.aspx (Seems to be the most up-to-date examples on using the API)
* https://msdn.microsoft.com/en-us/library/ff750690.aspx OAuth WRAP (Messenger Connect)
* https://msdn.microsoft.com/en-us/library/ff749624.aspx Working with OAuth WRAP (Messenger Connect)
* https://gist.github.com/kayalshri/5262641 Working example from Giriraj Namachivayam (kayalshri)
*/
class PostmanMicrosoftAuthenticationManager extends PostmanAbstractAuthenticationManager implements PostmanAuthenticationManager {
// constants
const WINDOWS_LIVE_ENDPOINT = 'https://login.live.com/oauth20_authorize.srf';
const WINDOWS_LIVE_REFRESH = 'https://login.live.com/oauth20_token.srf';
// http://stackoverflow.com/questions/7163786/messenger-connect-oauth-wrap-api-to-get-user-emails
// http://quabr.com/26329398/outlook-oauth-send-emails-with-wl-imap-scope-in-php
const SCOPE = 'wl.imap,wl.offline_access';
const VENDOR_NAME = 'microsoft';
/**
* Constructor
*
* Get a Client ID from https://account.live.com/developers/applications/index
*/
public function __construct($clientId, $clientSecret, PostmanOAuthToken $authorizationToken, $callbackUri) {
assert ( ! empty ( $clientId ) );
assert ( ! empty ( $clientSecret ) );
assert ( ! empty ( $authorizationToken ) );
assert ( ! empty ( $callbackUri ) );
$logger = new PostmanLogger ( get_class ( $this ) );
parent::__construct ( $logger, $clientId, $clientSecret, $authorizationToken, $callbackUri );
}
/**
* **********************************************
* Request Verification Code
* https://msdn.microsoft.com/en-us/library/ff749592.aspx
*
* The following example shows a URL that enables
* a user to provide consent to an application by
* using a Windows Live ID.
*
* When successful, this URL returns the user to
* your application, along with a verification
* code.
* **********************************************
*/
public function requestVerificationCode($transactionId) {
$params = array (
'response_type' => 'code',
'redirect_uri' => urlencode ( $this->getCallbackUri () ),
'client_id' => $this->getClientId (),
'client_secret' => $this->getClientSecret (),
'scope' => urlencode ( self::SCOPE ),
'access_type' => 'offline',
'approval_prompt' => 'force'
);
$authUrl = $this->getAuthorizationUrl () . '?' . build_query ( $params );
$this->getLogger ()->debug ( 'Requesting verification code from Microsoft' );
PostmanUtils::redirect ( $authUrl );
}
/**
* **********************************************
* If we have a code back from the OAuth 2.0 flow,
* we need to exchange that for an access token.
* We store the resultant access token
* bundle in the session, and redirect to ourself.
* **********************************************
*/
public function processAuthorizationGrantCode($transactionId) {
if (isset ( $_GET ['code'] )) {
$code = filter_input( INPUT_GET, 'code', FILTER_SANITIZE_STRING );
$this->getLogger ()->debug ( 'Found authorization code in request header' );
$postvals = array (
'client_id' => $this->getClientId (),
'client_secret' => $this->getClientSecret (),
'grant_type' => 'authorization_code',
'redirect_uri' => $this->getCallbackUri (),
'code' => $code
);
$response = PostmanUtils::remotePostGetBodyOnly ( $this->getTokenUrl (), $postvals );
$this->processResponse ( $response );
$this->getAuthorizationToken ()->setVendorName ( self::VENDOR_NAME );
return true;
} else {
$this->getLogger ()->debug ( 'Expected code in the request header but found none - user probably denied request' );
return false;
}
}
public function getAuthorizationUrl() {
return self::WINDOWS_LIVE_ENDPOINT;
}
public function getTokenUrl() {
return self::WINDOWS_LIVE_REFRESH;
}
}
}
|
