This Symfony bundle serves as a tiny wrapper for the Azure Active Directory Provider for OAuth 2.0 Client. You can find additional documentation in the official repository.
Open a command console, enter your project directory and execute the following command to download the latest stable version of this bundle:
symfony composer require m4n50n/oauth2-azure-bundle
Enable the bundle by adding it to the list of registered bundles in the config/bundles.php file of your project.
// config/bundles.php
return [
    // ...
    M4n50n\OAuth2AzureBundle\OAuth2AzureBundle::class => ['all' => true],
];
Configure the bundle in the config/packages/oauth2_azure.yaml file:
# config/packages/oauth2_azure.yaml
o_auth2_azure:
    clientId: "%env(AUTH_CLIEN_ID)%"
    clientSecret: "%env(AUTH_CLIENT_PASS)%"
    tenant: "%env(AUTH_TENANT)%"
    redirectUri: "%env(AUTH_REDIRECT_URI)%"
    # Optional
    redirectToUrl: "%env(bool:AUTH_REDIRECT_TO_URL)%" # Activate redirect after authentication
    redirectUrl: "%env(AUTH_REDIRECT_URL)%" # URL to redirect after authentication
# .env
AUTH_CLIEN_ID="c3db02f0-401c-452c......"
AUTH_CLIENT_PASS="LfR8Q~yTXB5ozRejLrqE6oYqp......"
AUTH_TENANT="5fa120f8-1ee1-49e3-9b......"
AUTH_REDIRECT_URI="https://endpoint.com/api/login/azure"
AUTH_REDIRECT_TO_URL=true
AUTH_REDIRECT_URL="https://endpoint-client.com"
If you want the configuration / environment files to be created automatically inside your /config folder, you can include my private Symfony Flex recipes repository in your composer.json by adding the following configuration:
"extra": {
    "symfony": {
        "endpoint": [
            "https://api.github.com/repos/m4n50n/symfony_flex_recipes/contents/index.json",
            "flex://defaults"
        ]
    }
}
Inject OAuth2AzureFactory into your service or controller and call its getAuth() method with the Request as an argument.
If the redirectToUrl configuration parameter exists and is true, the user is redirected to the configured redirectUrl after authentication. Otherwise, getAuth() returns an AuthResponse object whose getOwnerData() method returns the data of the Azure-authenticated account.
use Lexik\Bundle\JWTAuthenticationBundle\Services\JWTTokenManagerInterface;
use M4n50n\OAuth2AzureBundle\Factory\OAuth2AzureFactory;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Routing\Annotation\Route;

final class LoginController extends AbstractController
{
    public function __construct(private OAuth2AzureFactory $OAuth2AzureFactory)
    {
    }

    #[Route(path: '/login/azure', name: 'login_azure', methods: ['GET'])]
    public function user_azureLoginRequest(Request $request, JWTTokenManagerInterface $JWTManager, UserPasswordHasherInterface $userPasswordHasher)
    {
        try {
            // ...
            // Start the Azure authentication flow for the current request
            $auth = $this->OAuth2AzureFactory->getAuth($request);
            // Data of the Azure-authenticated account
            $ownerData = $auth->getOwnerData();
            /* It returns an array with the following structure:
            $ownerData = [
                "aud" => "c3db02f0-401c-452c......",
                "iss" => "https://login.microsoftonline.com/....../v2.0",
                "iat" => 1360114,
                "profileImage" => "", // base64_encode of the image binary
                "email" => "josegarciarodriguez89@hotmail.com",
                "name" => "Jose Garcia",
                // ... (other fields)
            ];
            */
            // ...
        } catch (\Exception $exception) {
            // ...
        }
        // ...
    }
}
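An added example, not part of the bundle or of the original README: a defensive check of the owner data against the configured client ID and tenant before it is mapped to a local account or used to issue an application token. OwnerDataGuard, assertTrusted() and the 300-second window are hypothetical; the claim names are the ones shown in the array above, and the tenant is assumed to be a single tenant GUID.

```php
<?php
declare(strict_types=1);

// Added example: OwnerDataGuard and its method names are hypothetical, not part of the bundle.
final class OwnerDataGuard
{
    public function __construct(
        private string $clientId,          // same value as the bundle's clientId
        private string $tenantId,          // same value as the bundle's tenant (assumed to be a GUID)
        private int $maxAgeSeconds = 300,  // assumed freshness window for a login callback
    ) {
    }

    /** @return array{email: string, name: string} */
    public function assertTrusted(array $ownerData, ?int $now = null): array
    {
        $now ??= time();
        $expectedIss = sprintf('https://login.microsoftonline.com/%s/v2.0', $this->tenantId);

        // aud must be this application's client ID, otherwise the token was minted for another app.
        if (!is_string($ownerData['aud'] ?? null) || !hash_equals($this->clientId, $ownerData['aud'])) {
            throw new \UnexpectedValueException('Token was issued for a different application (aud).');
        }
        // iss must be the configured tenant, otherwise any Azure tenant could assert an identity.
        if (($ownerData['iss'] ?? null) !== $expectedIss) {
            throw new \UnexpectedValueException('Token was issued by an unexpected tenant (iss).');
        }
        // iat must be recent: allow 60 s of clock skew, reject anything older than the window.
        $iat = $ownerData['iat'] ?? null;
        if (!is_int($iat) || $iat > $now + 60 || $now - $iat > $this->maxAgeSeconds) {
            throw new \UnexpectedValueException('Token issue time (iat) is outside the accepted window.');
        }
        $email = filter_var($ownerData['email'] ?? '', FILTER_VALIDATE_EMAIL);
        if ($email === false) {
            throw new \UnexpectedValueException('Owner data has no usable email address.');
        }

        return ['email' => strtolower($email), 'name' => (string) ($ownerData['name'] ?? '')];
    }
}

// Constructed sample values (not real identifiers).
$guard = new OwnerDataGuard('11111111-1111-1111-1111-111111111111', '22222222-2222-2222-2222-222222222222');
$identity = $guard->assertTrusted([
    'aud' => '11111111-1111-1111-1111-111111111111',
    'iss' => 'https://login.microsoftonline.com/22222222-2222-2222-2222-222222222222/v2.0',
    'iat' => 1700000000, 'email' => 'User@Example.com', 'name' => 'Example User',
], 1700000100);
echo $identity['email'], PHP_EOL;
```

In a controller, pass the array from getOwnerData() to assertTrusted() inside the existing try block so a failed check is handled like any other authentication error.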
This wrapper defines the following methods:
- Class OAuth2AzureFactory: getAuth() starts the user authentication flow.
- Class OAuth2AzureFactory: getConfig() returns the entire bundle configuration object.
- Class AuthResponse: isError() returns whether there has been an error in the authentication process.
See CONTRIBUTING for more information.
See SECURITY for more information.
Please see the LICENSE included in this repository for a full copy of the MIT license, which this project is licensed under.