Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hey everyone,
Currently I'm trying to integrate microsoft authentication in my website, but the module works fine with normal emails like :
xxxxxx@outlook.com or xxxxxxxx@hotmail.fr
But when it come to organization email it display an error saying that "this Microsoft email doesn't exist".
Does anyone knows how this can be solved ?
Thanks in advance.
Comment | File | Size | Author |
---|---|---|---|
authentication screenshot.png | 41.82 KB | Ak_sure |
Issue fork social_auth_microsoft-3159996
Show commands
Start within a Git clone of the project using the version control instructions.
Or, if you do not have SSH keys set up on git.drupalcode.org:
Comments
Comment #2
mikejon-es CreditAttribution: mikejon-es commentedSee this issue in the OAuth2 Microsoft Library: https://github.com/stevenmaguire/oauth2-microsoft/issues/18
Comment #4
singularoThe code in the issue fork, when used with the code in my github repo - https://github.com/singularo/oauth2-microsoft and composer.json like:
I wanted it to work with office 365, so after creating the application in Microsoft Azure, Click on Overview, Endpoints and copy/paste the
* OAuth 2.0 authorization endpoint (v2) -> The authorization url
* OAuth 2.0 token endpoint (v2) -> The token url
* Microsoft Graph API endpoint -> The resource owner url
* Set Scopes = user.read
Still TODO:
* Update docs to have more details on how to configure
* Fix field labels to make more sense.
* Is it possible to not change the oauth-microsoft at all and just override the bits we need to in this module?
Comment #5
dravenkNeeds review.
Comment #6
dravenk@himanshu-dixit @gvso
The lib author has said that there is no time to maintain this project. https://github.com/stevenmaguire/oauth2-microsoft/issues/12#issuecomment... Why don’t we just use https://github.com/thephpleague/oauth2-client? This lib is actively maintained and has a huge user base and also recommended by Microsoft https://docs.microsoft.com/en-us/graph/auth/ . And this lib is a dependency package for social_auth, so we don't need to introduce additional dependencies. There’s no better reason not to use thephpleague/oauth2-client.
Comment #7
dravenkRemove an existing version by composer.
Adding snip provide by https://www.drupal.org/project/social_auth_microsoft/issues/3159996#comm... . Run update.
In my case. I added these settings to ADVANCED SETTINGS.
The authorization url
https://login.microsoftonline.com/{{$tenant_id}}/oauth2/v2.0/authorize
The token url.
https://login.microsoftonline.com/{{$tenant_id}}/oauth2/v2.0/token
The resource owner url.
https://graph.microsoft.com/v1.0/me
Scopes for API call.
https://graph.microsoft.com/user.read
Working for me. Thank you. @singularo
Comment #9
singularoNot against using the phpleague one directly, but probably not something I'll contribute.
Will try and get some time to make the field naming and field descriptions better reflect whats required.
Great to hear it worked for you.
Comment #10
wells@singularo et. al. -- does this library serve the same purpose (i.e. could it be a replacement for the unmaintained stevenmaguire/oauth2-microsoft library)? https://github.com/TheNetworg/oauth2-azure.
I'm upgrading this project for D9 support and would be happy to coordinate getting the base library updated as well for O365 support but I don't have an account to test with.
Comment #11
wellsComment #12
rael_albert@devnull.onl CreditAttribution: rael_albert@devnull.onl commentedI'm using this module and I would be happy to help you providing you with an Office 365 account. How can I add send you the details?
Comment #13
wells@raelabert you can use the contact form on d.o user profile to reach out.
Comment #14
jin2001 CreditAttribution: jin2001 at Google Summer of Code commentedI have tried #4 comment mentioned way, because I am a college student and I have a school organization 365 office account to test. I found my organization count worked fine but there is a problem on my computer that the 365 account connected to my admin user 1 directly, maybe there is a big secure bug? So I want to handle this Authenticating with an organization email problem as well as to check if the bug really exist, try the library and fix the code. I decide to join GSOC2021 so I can put this problem fixing assignment into my GSOC plan. I will take it into my calendar and treat it seriously.
Comment #15
wellsHi, @jin2001! Glad to have your help.
Re: admin user, see also #3183424: Gmail account incorrectly linked to admin user 1 drupal account. This might be a bug in a lot of these SA modules that were designed using a similar template... Interested to see your findings.
Comment #16
singularoThe accounts get matched on email address, so if the admin account is the same email address, I'd expect it to sync up like that.
But if that is disabled in /admin/config/social-api/social-auth/microsoft then it might be a bug and that functionality might not work.
Comment #17
jrochate CreditAttribution: jrochate commentedWhen using organisational and the URL is: https://login.microsoftonline.com/organizations/oauth2/v2.0 beware that scope must be separated with a space and not with a comma.
Also, the wl.* scopes are for Windows Live. For organisational the most common are openid and profile.
This can be accomplished on the module settings, but the help text could be adapted to this.
Comment #18
sittard CreditAttribution: sittard commentedAny updates on this? I'm interested in using this module but this issue suggests that it does not work with organisational (Office 365) emails, is that still correct?