How I can create a user by Client secrets in Azure AD with PHP?
I need access token in below code to create a user. To have this token I need to login first. How I can create a user automatically without any login.
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://graph.microsoft.com/v1.0/users',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS =>'{
"accountEnabled": true,
"displayName": "Adele Vance",
"userPrincipalName": "adelev2#xxx.net",
"passwordProfile" : {
"forceChangePasswordNextSignIn": true,
"password": "xWwvJ]6NMw+bWH-d"
}
}',
CURLOPT_HTTPHEADER => array(
"Authorization: Bearer $accessToken",
"Content-Type: application/json"
),
));
You can refer to this sample, which uses a daemon that does not require user login, and uses the client credential flow to obtain an access token to call MS graph api to create a user. You need to grant User.ReadWrite.All application permissions for the application.
With special thanks to Carl which provide useful links I did it by using two below functions:
I receive a token by calling getToken function and use it in getToken to create a user without any previous login.
function getToken() {
$curl = curl_init();
$dir = env('OAUTH_DIR_ID');
$clientId = env('OAUTH_APP_ID');
$secretKey = env('OAUTH_APP_PASSWORD');
curl_setopt_array($curl, array(
CURLOPT_URL => "https://login.microsoftonline.com/$dir/oauth2/v2.0/token",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => "client_id=$clientId&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&client_secret=$secretKey&grant_type=client_credentials",
CURLOPT_HTTPHEADER => array(
'Content-Type: application/x-www-form-urlencoded',
'x-ms-gateway-slice=estsfd; stsservicecookie=estsfd'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
}
function addUser($accessToken)
{
try {
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://graph.microsoft.com/v1.0/users',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS =>'{
"accountEnabled": true,
"displayName": "Adele Vance",
"userPrincipalName": "adelev2#yoed.net",
"passwordProfile" : {
"forceChangePasswordNextSignIn": true,
"password": "xWwvJ]6NMw+bWH-d"
}
}',
CURLOPT_HTTPHEADER => array(
"Authorization: Bearer $accessToken",
"Content-Type: application/json"
),
));
$response = curl_exec($curl);
curl_close($curl);
var_dump($response); // Debug print
exit();
} catch (Error $ex) {
$home = env('APP_URL');
header("Location: $home/signin.php?err=" . $ex->getMessage());
die();
}
}
Related
I'm trying to cancel the order from Shipstation for That I've write a code
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://ssapi.shipstation.com/orders/".$order_id,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "DELETE",
CURLOPT_USERPWD => "$public_key:$private_key",
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
echo "here";
now when I run this API it returns nothing no error no issue no success message same order is also not deleted from Shipstation when I try to pass wrong Public or Private key then it gives me an Error
401 Unauthorized
it means that API call is going correctly because I'm getting response but when I pass the correct creds then it gives no response.
Edit
Now I'm trying
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://ssapi.shipstation.com/orders/".$order_id,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "DELETE",
CURLOPT_HTTPHEADER => array(
"Host: ssapi.shipstation.com",
"Authorization:Basic __MY_AUTH_HERE__",
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
Now it is giving me an Error
{"Message":"Authorization has been denied for this request."}
where I've created my Auth like
$auth = base64_encode($username_api_key.":". $password_api_secret);
What is the issue and how to fix that?
Thanks
I have a method that sends an SMS message but instead returns false. The code is used in Postman, and it works. I am using Laravel 5.8.
public function sendSMS()
{
$curl = curl_init();
curl_setopt_array(URL_API, array(
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => '{
"number" : PHONE_NUMBER,
"message" : "Tu código de seguridad es: 289686",
"type" : 1
}',
CURLOPT_HTTPHEADER => array(
'api-key: API_KEY',
'Authorization: Bearer TOKEN_API',
'Content-Type: application/json'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
}
Response in Laravel
[false]
0: false
Response in Postman
{
"success": true,
"message": "Enviado",
"number": "11111111111",
"menssageId": 122585244
}
I verified that CURL is enabled on my localhost.
cURL support : enabled
cURL Information : 7.70.0
I thank you all for your time, the solution was added two parameters in the curl query.
public static function sendSMS($number,$message){
$token = json_decode(self::loginCELLVOZ(),true);
$url = env('URL_BASE') . 'sms/single';
$account = env('ACCOUNT');
$password = env('PASSWORD');
$api_key = env('API_KEY');
$phone = '551'.$number;
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false, //add line
CURLOPT_SSL_VERIFYHOST => false, //add line
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS =>'{
"number" : "'.$phone.'",
"message" : "'.$message.'",
"type" : 1
}',
CURLOPT_HTTPHEADER => array(
'api-key: '.$api_key.'',
'Authorization: Bearer '.$token['token'].'',
'Content-Type: application/json'
),
));
$response = curl_exec($curl);
curl_close($curl);
return $response;
}
NOTE:
Only is necesary this lines in localhost, not recomendly use in the server production.
I am trying to perform some function based on the response I will get from Curl URL. Below is the code I have written. But the response coming is always empty. Due to which the control always goes into an else condition.
if(isset($_POST['verify_button'])){
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://*******/v1/****/*********/".$_POST['********']."?MVNO=*******",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => array(
"Authorization: Basic Z*******",
"accept: application/json"
),
));
$response = curl_exec($curl);
curl_close($curl);
$data = json_decode($response);
if($data->resultCode == '0'){
echo '<div class="mm_success_alert">Sucess</div>';
}
else{
echo '<div class="mm_danger_alert">Fail.</div>';
}
I've set a global variable to equal an access token, and when I print_($session_id) the token is visible. What I'd like to do is pass that variable into my CURLOPT_HTTPHEADER, and have it equal to "Session" in the function get_field_data_id() below:
function get_session_id() {
global $session_id;
$curl = curl_init();
$session_url = "/auth";
curl_setopt_array($curl, array(
CURLOPT_URL => $session_url ,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => array(
"Content-Type: application/json",
"Accept: application/json",
"username: USER",
"password: PASS",
"authorizationkey: KEY"
),
));
$response = curl_exec($curl);
curl_close($curl);
$session_id = $response;
} add_filter( 'gform_after_submission_4', 'get_session_id' );
function get_field_data_id() {
global $session_id;
$curl = curl_init();
$file_url = "URL";
curl_setopt_array($curl, array(
CURLOPT_URL => $file_url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => array(
"Content-Type: application/json",
"Accept: application/json",
"Session: {$session_id}"
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;}
However when I run this function, I get an error message that the session ID is invalid. What am I missing?
{"Message":"Invalid Authorization. Session ID is invalid. "}
Right now i am able to get the data from api by using below code:
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "http://test-api.test.org/user/token",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => array(
"Authorization: Bearer eyJ0eXAiOiJKV1QiI1NiJ9.eyJhdWQiOiIxIiwianRpIjoN2ZiQwiZXhwIjoxNTk0MjY5NjI"
),
));
$response = curl_exec($curl);
$data = json_decode($response, true);
echo $response;
But authorization code is expiring every 15 min and i have to refresh the token after that interval in php.
My requirement is:
To generate token dynamically by using jwt api, user and password
check for if the token is valid or expired after sometime
once the token is expired then refresh it and generate a new token dynamically.
Thanks in advance for all your support.
I found solution of my problem and its working perfectly fine.
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://{instance}/app/oauth/token",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"username\":\"yourusername\", \"yourpassword\":\"{pass}\"}",
CURLOPT_HTTPHEADER => array(
"cache-control: no-cache",
"content-type: application/json"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}