composer require dcblogdev/laravel-microsoft-graph
You can publish the config file with:
php artisan vendor:publish --provider="Dcblogdev\MsGraph\MsGraphServiceProvider" --tag="config"
When published, the config/msgraph.php config file contains:
<?php

return [
    // Application (client) ID issued by the Microsoft portal to identify
    // the application: https://apps.dev.microsoft.com
    'clientId' => env('MSGRAPH_CLIENT_ID'),

    // Application secret. It is read from the environment so it stays out of
    // the repository; treat the .env value as a credential.
    'clientSecret' => env('MSGRAPH_SECRET_ID'),

    // URL that triggers the OAuth process; its route should
    // `return MsGraph::connect();`.
    'redirectUri' => env('MSGRAPH_OAUTH_URL'),

    // URL the user is redirected to once the token has been saved.
    'msgraphLandingUri' => env('MSGRAPH_LANDING_URL'),

    // Tenant authorize URL.
    'tenantUrlAuthorize' => env('MSGRAPH_TENANT_AUTHORIZE'),

    // Tenant token URL.
    'tenantUrlAccessToken' => env('MSGRAPH_TENANT_TOKEN'),

    // Authorize URL. When MSGRAPH_TENANT_ID is not set the 'common' endpoint
    // is used, which is not limited to a single directory; set the tenant ID
    // for a single-tenant application.
    'urlAuthorize' => 'https://login.microsoftonline.com/' . env('MSGRAPH_TENANT_ID', 'common') . '/oauth2/v2.0/authorize',

    // Token URL; uses the same tenant segment as the authorize URL.
    'urlAccessToken' => 'https://login.microsoftonline.com/' . env('MSGRAPH_TENANT_ID', 'common') . '/oauth2/v2.0/token',

    // Space-separated scopes to request; Microsoft Graph API will accept up
    // to 20 scopes. This default asks for read/write access to calendars,
    // contacts, files, mail, tasks, mailbox settings and the user profile,
    // plus mail.send and offline_access (refresh tokens). Reduce it to the
    // scopes the application actually uses.
    'scopes' => 'offline_access openid calendars.readwrite contacts.readwrite files.readwrite mail.readwrite mail.send tasks.readwrite mailboxsettings.readwrite user.readwrite',

    // The default timezone is Europe/London; set MSGRAPH_PREFER_TIMEZONE to
    // use your preferred timezone instead.
    'preferTimezone' => env('MSGRAPH_PREFER_TIMEZONE', 'outlook.timezone="Europe/London"'),
];
You can publish the migration with:
php artisan vendor:publish --provider="Dcblogdev\MsGraph\MsGraphServiceProvider" --tag="migrations"
Optionally, if you plan on using Microsoft Graph as a login system, you can publish a listener:
php artisan vendor:publish --provider="Dcblogdev\MsGraph\MsGraphServiceProvider" --tag="Listeners"
This contains the following listener:
<?php
namespace App\Listeners;
use App\Models\User;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Queue\InteractsWithQueue;
use Dcblogdev\MsGraph\Models\MsGraphToken;
use Illuminate\Support\Facades\Auth;
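/**
 * Logs a user in to the application after a Microsoft 365 sign-in.
 *
 * The event's token array carries the id of the stored MsGraphToken row and
 * the account profile ("info"). A token not yet linked to a local user gets
 * a new User created and linked; a linked token logs in its existing user.
 *
 * Every account that completes the OAuth flow is provisioned here. Restrict
 * the tenant (or add an allow-list check) if sign-up must be limited.
 */
class NewMicrosoft365SignInListener
{
    /**
     * @param object $event event exposing a `token` array with `token_id`
     *                      and `info` (`displayName`, `mail`)
     *
     * @throws \Illuminate\Database\Eloquent\ModelNotFoundException
     *         when the token row or the linked user does not exist
     */
    public function handle($event)
    {
        $tokenId = $event->token['token_id'];

        // Load exactly the token row created for this sign-in. Chaining
        // ->first() after find() runs a new, unconstrained query and returns
        // the first row of the table, which would bind this session to the
        // user that owns that row instead of the one who just signed in.
        $token = MsGraphToken::findOrFail($tokenId);

        if ($token->user_id == null) {
            $user = User::create([
                'name' => $event->token['info']['displayName'],
                // NOTE(review): `mail` can be null for accounts without a
                // mailbox; confirm how the users table handles that. Do not
                // use this value to link to an existing local account.
                'email' => $event->token['info']['mail'],
                // Unguessable placeholder instead of an empty string: login
                // happens through Microsoft, so no password should ever
                // match. NOTE(review): confirm the User model hashes
                // `password` if password login is also enabled.
                'password' => bin2hex(random_bytes(32)),
            ]);

            // Link the token to the new user so later sign-ins take the
            // existing-user branch.
            $token->user_id = $user->id;
            $token->save();
        } else {
            $user = User::findOrFail($token->user_id);
            $user->save();
        }

        Auth::login($user);
    }
}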
You can customise this to suit your application.
After the migration has been published, you can create the tokens table by running the migration:
php artisan migrate
Ensure you've set the following in your .env file:
MSGRAPH_CLIENT_ID=
MSGRAPH_SECRET_ID=
MSGRAPH_OAUTH_URL=https://domain.com/msgraph/oauth
MSGRAPH_LANDING_URL=https://domain.com/msgraph
If you've set up a single-tenant application, make sure to include the tenant ID in the .env:
The tenant ID can be found in the application you've created at https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps: click on your application and the Directory (tenant) ID is listed at the top of the page.
Adding the tenant ID changes some of the URLs from using /common/ to using the supplied tenant ID.
MSGRAPH_TENANT_ID=
When logging in as a tenant (for Admin access), add the tenant ID to the .env:
MSGRAPH_TENANT_AUTHORIZE=https://login.microsoftonline.com/{tenant_id}/adminconsent
MSGRAPH_TENANT_TOKEN=https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token
Optionally add
MSGRAPH_PREFER_TIMEZONE='outlook.timezone="Europe/London"'