As usual, this is a weird and non-negotiable request from top management.
Anyway, the story is as following:
I will build a website at location A, let say UK (Using CentOS, PHP, Apache)
There is a login form on it, and user can enter their Exchange 2010 username (email), and password to login. Where the Exchange 2010 is at location B, let say US.
So the issue in short is that how I can authenticate with a remote Exchange 2010?
There are several suggestions thrown at me but I am not even sure this can be done in the first place...
Can we leverage Exchange 2010's OWA?
Can we use ActiveSync?
Can we use EWS? (Exchange Web Services)
I am not familiar with Microsoft's related technologies, so my question in short is that is there a web service method or similar where I can do my authentication?
Best Regards
You probably mean authenticate against Active directory in which Exchange server is integrated.Then you can use LDAP:
Authenticating in PHP using LDAP through Active Directory
I would look into the adLDAP library on Source Forge. Email me and I will send you my documentation, it takes about 20 minutes to set up and all you need is MS Active Directory, you do not need LDAP. KWSoutherlandJr At yahoo dot com.
adLDAP.courceforge.net
Yes, you can use Exchange Web Service to do this, I recommend the managed API's. Download here: http://www.microsoft.com/download/en/details.aspx?id=13480 , documentation is here: http://msdn.microsoft.com/en-us/library/dd633710%28EXCHG.80%29.aspx
Here how you could do it. First off include the right namespaces:
// use the exchange library:
using System.Security.Cryptography.X509Certificates;
using Microsoft.Exchange.WebServices.Data;
Then write some code similar to this:
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2007_SP1);
// If you've got a dodgy SSL cert on your exchange box then do this:
System.Net.ServicePointManager.ServerCertificateValidationCallback =
delegate(
Object obj,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors errors)
{
return true;
};
service.Credentials = new WebCredentials(Username, Password, domain);
service.Url = new Uri(url);
// this will fail if the username+password are incorrect:
Folder.Bind(service, WellKnownFolderName.MsgFolderRoot);
You can give EWSWrapper a try - http://ewswrapper.lafiel.net/
It's a PHP wrapper for Exchange Web Services. It will give you an idea how you can authenticate with Ex Server and what can be done with EWS. Python version has a bit better authentication as it cycles through various auth methods.
Also, you can take a look # this: Access Exchange Web Services with PHP and cURL
Cheers~
Related
Good Afternoon,
I have an application and we're trying to connect to out IMAP server using Chilkat (PHP Extension), via the Client Credential Flow method, since it's supposed to be a server-to-server connection, without user interaction.
We're using the Microsoft Graph example as a base-code (https://www.example-code.com/phpExt/microsoft_graph_client_credentials.asp), but we're using the scope (https://ps.outlook.com/.default), link and API permissions as described in the Microsoft Documentation (https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth#use-client-credentials-grant-flow-to-authenticate-imap-and-pop-connections).
I'm able to generate the Access Token, but when we try to connect to an authorized mailbox, we are greeted with the following error message:
ChilkatLog:
Login:
DllDate: Jan 31 2021
ChilkatVersion: 9.5.0.85
UnlockPrefix: OUR_UNLOCK_CODE_HERE
Architecture: Little Endian; 64-bit
Language: Linux PHP
VerboseLogging: 0
loginX:
greeting: * OK The Microsoft Exchange IMAP4 service is ready. [SOME_CK_GENERATED_CODE_HERE]
authenticateXOAuth2:
xoauth2Imap:
ConnectionType: SSL/TLS
--xoauth2Imap
isOK:
serverResponse: aaab NO AUTHENTICATE failed.
--isOK
--authenticateXOAuth2
--loginX
Failed.
--Login
--ChilkatLog
I have tried using the token generated via postman, I've tried every single API permission that I found out on the Microsoft Documentation, and I have tried many different chilkat implementations on my server... All to no avail.
All I need is some way to connect to my IMAP folders, since we are currently using basic Auth (and basic Auth for IMAP will die at the end of the year).
I'm not sure what the problem is, since we gave our test email IMAP parmissions and followed to the letter the microsoft documentation. I'm a little lost on what could be causing the error, the API permissions, the mailbox permissions or our Chilkat PHP implementation. Can you guys help me find out what is going on, please? Thanks!
I feel your pain because I haven't been able to get client_credentials working with Office365 either.
It's a common use case, and you'd think Microsoft would make it easy.
My only suggestion (for now) is to get the very first OAuth2 access token using authorization flow (i.e. interactively with a browser), and then refresh non-interactively as needed from that point forward.
The blog post is a good starting point for using Chilkat with Office365 OAuth2:
https://cknotes.com/office365-modern-authentication-for-imap-pop3-and-smtp/
I am new to GoogleAPIs and Laravel, I run a PHP web application on Laravel 8 in a virtual Linux environment. Socialite and Drive API was working fine and out of sudden it doesn't work anymore and always return connection refused error after long period of loading as follows:
GuzzleHttp\Exception\ConnectException
Connection refused for URI https://www.googleapis.com/oauth2/v4/token
I had tried to create a new credential with new refresh token and checked all the network settings, and always clear config cache and restart apache for all troubleshoots I have tested, yet the error still exists.
I would appreciate it much if anyone could enlighten me on what are the aspects I shall look into it.
There are multiple issues in this question.
First and foremost, you are sending your secret to a third party. This means that they are able to do any API calls as you (using your name and quotas). Even if they claim that they won't, they can. Please remove any secret you may have and create new ones.
As for the OAuth 2.0, you seem to be using an old URL. You should probably take a look into the official documentation for:
Using OAuth 2.0 to Access Google APIs for a basic explanation.
Using OAuth 2.0 for Web Server Applications for making a web and getting permissions to get/modify a user's data (can be yourself).
Using OAuth 2.0 for Server to Server Applications for using a service account to execute as one of the users on your organization, without the need of manually giving permission.
Also notice that there are PHP libraries officially supported by Google to make your life way easier. See the Drive API's PHP Quickstart.
I am trying to create an API to connect to ETSY and obtain orders information. They require authentication with OAuth.
I am looking for a script that can do the OAuth step relying on an external library, and not on a pre-installed server package, as ipage.com (my current host) does not have the OAuth package installed.
Not sure where you got that code from exactly, but the correct class you want to instantiate is \OAuth\OAuth1\Service\Etsy. Each service in the library has its own class.
You don't have to look at the individual implementations for connecting users with your app. We already have abstracted that part for you. The easiest way to get you started with the Etsy service is to copy the example.
You can add your key and secret here.
Once the user has approved your app you can start making requests to the service. An example of this can be found here.
From that point on you can simply make requests by doing $etsyService->request('/whatever/you/want/to/get') by choosing the correct path from http://www.etsy.com/developers/documentation.
Probably because etsy did not return a login_url
First, try print_r($req_token) - see if that provides anything useful (like an error message)
Failing that, if $req_token is false, you may want to see if your SSL libraries are up to par. Try a phpinfo(); and check the PHP error log to see if either (1) SSL is not supported for your PHP install or (2) there is an error with the SSL connection.
I am implemented In App Billing for android.I wanted to implement subscription validity checking through my backend server. As Google Play Documentation, for making call for Google Play API,need authentication using oauth 2.0.
I followed instructions for registering project and creating credentials. But from there I have no idea how to use those credentials, I tried authentication via CURL request, but it asking permission as shown in follwing image
This permissions works fine I can exchange code and get access token, but all this done by manually, how should I implement this on backend.
I even try to use google api php library provided by Google, but It adds confusion. Also they didn't provide any example, how to use library.
Can anybody elaborate how exactly use library or pure php?
Thanks in advance.
To perform LVL and/or IAB validation on a server, do not access Google servers directly from the server. Even if all information were available, you would face integrity problems, because your app and your server will see different information due to synchronization latencies.
Instead, use your app as a proxy and validate the Google Play information on your server as described here.
Recently I programmed a little app for my android device. As the datastorage for the app, Iam using a mysql database, which can be accessed via different php scipts. So all the app does, is it sends POST requests to the php scripts to communicate to the database.
But now I consider about the security aspect. These php scripts can be accessed by every webclient. So every webclient has the possibility to compromise my database, which is of course not the ideal case.
So I was wondering if there is a way to just allow authorized clients to use these php-webservices?
Does php provide any kind of authentification that can be used by an android client?
Cheers
You simply need to require an authentification when invoquing the service:
simple and dirty: http basic auth, like Twitter used to do
a better solution is OAuth, like Twitter now does
There are of course other possibilities (WS-Security, but you don't seem to use SOAP).
for security, you should prefer to interact through an API to your mysql...isn't it?
A few points:
Use a different port (i.e: not 80 or 8080) for the web access
Add authentication with a username and password. Inside your application, you can get these from a secure config file.
On the server side, you can also do some checking on user agents, IP addresses and maybe even device ids.
This is just a start