Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Addins Shield auth with sso microsoft
Shield auth with sso microsoft
  • Offline pippuccio76
    Senior Member
  • ****
  • Posts: 545
    Threads: 230
    Joined: Jun 2017
    Reputation: 2
#1
02-24-2025, 07:51 AM

Hi there is a way to authenticate in shield with microsoft credentials ?
Reply
  • Offline luckmoshy
    Do Codeigniter before do you!
  • ****
  • Posts: 290
    Threads: 55
    Joined: Nov 2020
    Reputation: 9
#2
02-24-2025, 11:06 AM
(This post was last modified: 02-24-2025, 11:12 AM by luckmoshy.)

(02-24-2025, 07:51 AM)pippuccio76 Wrote: Hi there is a way to authenticate in shield with microsoft credentials ?


yes



Go to the Azure portal (portal.azure.com).


or
Code:
composer require league/oauth2-client

PHP Code:
<?php

namespace App\Authentication;

use CodeIgniter\Shield\Authentication\Authenticators\AbstractAuthenticator;
use League\OAuth2\Client\Provider\Generic// Or a Microsoft-specific provider if available

class MicrosoftAuthenticator extends AbstractAuthenticator
{
    public function attempt(array $credentials null)
    {
        $provider = new Generic([
            'clientId'                => env('MICROSOFT_CLIENT_ID'), // Get these from your .env file
            'clientSecret'            => env('MICROSOFT_CLIENT_SECRET'),
            'redirectUri'             => 'https://your-domain.com/auth/microsoft/callback'// Your callback URL
            'urlAuthorize'            => 'https://login.microsoftonline.com/' env('MICROSOFT_TENANT_ID') . '/oauth2/v2.0/authorize',
            'urlAccessToken'          => 'https://login.microsoftonline.com/' env('MICROSOFT_TENANT_ID') . '/oauth2/v2.0/token',
            'urlResourceOwnerDetails' => 'https://graph.microsoft.com/v1.0/me'// Or another endpoint for user details
        ]);

        // Authorization URL
        if (!isset($_GET['code'])) {
            $authorizationUrl $provider->getAuthorizationUrl();
            $_SESSION['oauth2state'] = $provider->getState(); // Store state in session for verification
            header('Location: ' $authorizationUrl);
            exit;
        } elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
            unset($_SESSION['oauth2state']);
            exit('Invalid state');
        } else {
            // Try to get an access token (using the authorization code grant)
            try {
                $token $provider->getAccessToken('authorization_code', [
                    'code' => $_GET['code']
                ]);

                // Get user details
                $user $provider->getResourceOwner($token);

                // Now you have the user details from Microsoft.
                // You'll need to find or create a user in your database
                // based on the information provided by Microsoft (e.g., email address).

                $userModel model('UserModel'); // Your user model
                $existingUser $userModel->where('email'$user->getEmail())->first(); // Example: Find user by email

                if ($existingUser) {
                    // User exists, log them in
                     $this->login($existingUser);
                    return true;
                } else {
                    // User doesn't exist, create a new user
                    $newUser = [
                        'email'    => $user->getEmail(),
                        'username' => $user->getName(), // Or generate a username
                        // ... other user data ...
                        'password_hash' => password_hash(random_string('alnum'16), PASSWORD_DEFAULT// You'll need a password, even for OAuth users.
                    ];
                    $userId $userModel->insert($newUser);
                    if($userId){
                        $newUser['id'] = $userId;
                        $this->login($newUser);
                        return true;
                    }else{
                        return false;
                    }
                }
            } catch (\Exception $e) {
                exit('Something went wrong: ' $e->getMessage());
            }
        }
    }

    // ... other methods (logout, validate, etc.)


PHP Code:
public $authenticators = [
    'local' => \CodeIgniter\Shield\Authentication\Authenticators\SessionAuthenticator::class,
    'microsoft' => \App\Authentication\MicrosoftAuthenticator::class, // Your custom authenticator
];

$routes->get('auth/microsoft''Auth::microsoft'); // Redirect to Microsoft login
$routes->get('auth/microsoft/callback''Auth::microsoft'); // Callback URL 


PHP Code:
<?php
namespace App\Controllers;

use CodeIgniter\Controller;
use CodeIgniter\Shield\Controllers\Auth as ShieldAuth;

class Auth extends ShieldAuth
{
    public function microsoft()
    {
        $authenticator auth('microsoft');
        return $authenticator->attempt();
    }

Codeigniter First, Codeigniter Then You!!
yekrinaDigitals

Reply
  • Offline datamweb
    I'm interested in programming
  • ***
  • Posts: 209
    Threads: 15
    Joined: Jun 2015
    Reputation: 27
#3
02-24-2025, 08:09 PM

Yes, you can implement authentication with Microsoft credentials by installing the shield-oauth package and using a custom driver shared by users. For more details, you can check out Microsoft.
shield-oauth | CodeIgniter SMS Rocket | CodeIgniter DEA Rule
Reply




Theme © iAndrew 2016 - Forum software by © MyBB