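/**
 * Builds the welcome email and uses RequestManager to send a POST request
 * to the sendmail endpoint in the unified API.
 *
 * The Message payload is produced with json_encode() rather than by string
 * interpolation, so quotes, backslashes or newlines in the template, the
 * greeting name or the recipient address cannot alter the structure of the
 * request body. The greeting name is HTML-escaped because it is substituted
 * into an HTML body.
 *
 * @param string $recipient The recipient of the email.
 *
 * @function sendWelcomeMail
 * @return void
 * @throws \RuntimeException If the template cannot be read or the payload
 *                           cannot be encoded. A RuntimeException raised by
 *                           RequestManager is passed through unchanged.
 */
public static function sendWelcomeMail($recipient)
{
    $emailBody = file_get_contents('MailTemplate.html');
    if ($emailBody === false) {
        throw new \RuntimeException('Unable to read MailTemplate.html.');
    }

    // Use the given name if it exists, otherwise, use the alias
    // (the part of unique_name before the '@').
    if (isset($_SESSION['given_name'])) {
        $greetingName = $_SESSION['given_name'];
    } elseif (isset($_SESSION['unique_name'])) {
        $greetingName = explode('@', $_SESSION['unique_name'])[0];
    } else {
        $greetingName = '';
    }

    // The name comes from session data filled from token claims and ends up
    // in an HTML document, so encode it for the HTML context first.
    $safeGreetingName = htmlspecialchars(
        (string) $greetingName,
        ENT_QUOTES | ENT_SUBSTITUTE,
        'UTF-8'
    );
    $emailBody = str_replace('{given_name}', $safeGreetingName, $emailBody);

    // Build the HTTP request payload (the Message object).
    $payload = array(
        'Message' => array(
            'Subject' => 'Welcome to Office 365 development with PHP',
            'Body' => array(
                'ContentType' => 'HTML',
                'Content' => $emailBody,
            ),
            'ToRecipients' => array(
                array(
                    'EmailAddress' => array(
                        'Address' => $recipient,
                    ),
                ),
            ),
        ),
        'SaveToSentItems' => true,
    );

    $email = json_encode($payload);
    if ($email === false) {
        // json_encode() fails on e.g. invalid UTF-8 in the template or address.
        throw new \RuntimeException('Unable to encode the mail payload as JSON.');
    }

    // Send the email request to the sendmail endpoint,
    // which is in the following URI:
    // https://graph.microsoft.com/beta/me/sendMail
    // Note that the access token is attached in the Authorization header
    RequestManager::sendPostRequest(
        Constants::RESOURCE_ID . Constants::SENDMAIL_ENDPOINT,
        array(
            'Authorization: Bearer ' . $_SESSION['access_token'],
            'Content-Type: application/json;' .
                          'odata.metadata=minimal;' .
                          'odata.streaming=true',
        ),
        $email
    );
}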
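/**
 * Contacts the token endpoint to get OAuth tokens including an access token
 * that can be used to send an authenticated request to the
 * Microsoft Graph.
 * It also stores user information, like given name, in session variables.
 *
 * The token response and the id token payload are validated before anything
 * is written to the session, so a failed exchange does not leave error
 * fields or partial data behind.
 *
 * NOTE(review): this method decodes the id token payload but does not verify
 * the JWT signature. Treat the copied claims (given_name, unique_name, ...)
 * as display data only, not as input to authorization decisions.
 *
 * @function acquireToken
 * @return void Stores tokens and id token claims in session variables.
 * @throws \RuntimeException If the token endpoint response is not a usable
 *                           token response or the id token is malformed.
 *                           A RuntimeException raised by RequestManager is
 *                           passed through unchanged.
 */
public static function acquireToken()
{
    $tokenEndpoint = Constants::AUTHORITY_URL . Constants::TOKEN_ENDPOINT;

    // Send a POST request to the token endpoint to retrieve tokens.
    // Token endpoint is:
    // https://login.microsoftonline.com/common/oauth2/token
    $response = RequestManager::sendPostRequest(
        $tokenEndpoint,
        array(),
        array(
            'client_id' => Constants::CLIENT_ID,
            'client_secret' => Constants::CLIENT_SECRET,
            'code' => $_SESSION['code'],
            'grant_type' => 'authorization_code',
            'redirect_uri' => Constants::REDIRECT_URI,
            'resource' => Constants::RESOURCE_ID,
        )
    );

    // Decode the raw JSON response into an associative array.
    $jsonResponse = json_decode($response, true);
    if (!is_array($jsonResponse)) {
        throw new \RuntimeException('Token endpoint response is not a JSON object.');
    }
    if (isset($jsonResponse['error']) || !isset($jsonResponse['access_token'])) {
        // Do not copy an error document into the session as if it were tokens.
        throw new \RuntimeException('Token endpoint did not return an access token.');
    }

    // The id token is a JWT token that contains information about the user.
    // Its segments are base64url encoded ('-' and '_' instead of '+' and '/',
    // no padding), so translate the alphabet and restore the padding before
    // decoding; plain base64_decode() silently drops '-' and '_' and then
    // yields a corrupted payload.
    $claims = array();
    if (isset($jsonResponse['id_token'])) {
        $segments = explode('.', (string) $jsonResponse['id_token']);
        if (count($segments) < 2) {
            throw new \RuntimeException('The id token is not a well-formed JWT.');
        }

        $encodedPayload = strtr($segments[1], '-_', '+/');
        $encodedPayload .= str_repeat('=', (4 - strlen($encodedPayload) % 4) % 4);

        $decodedPayload = base64_decode($encodedPayload, true);
        $claims = $decodedPayload === false
            ? null
            : json_decode($decodedPayload, true);
        if (!is_array($claims)) {
            throw new \RuntimeException('The id token payload could not be decoded.');
        }
    }

    // The access token response has the following parameters:
    //   access_token - The requested access token.
    //   expires_in - How long the access token is valid.
    //   expires_on - The time when the access token expires.
    //   id_token - An unsigned JSON Web Token (JWT).
    //   refresh_token - An OAuth 2.0 refresh token.
    //   resource - The App ID URI of the web API (secured resource).
    //   scope - Impersonation permissions granted to the client application.
    //   token_type - Indicates the token type value.
    foreach ($jsonResponse as $key => $value) {
        $_SESSION[$key] = $value;
    }

    // The id token payload has the following parameters:
    //   aud - Audience of the token.
    //   exp - Expiration time.
    //   family_name - User’s last name or surname.
    //   given_name - User’s first name.
    //   iat - Issued at time.
    //   iss - Identifies the token issuer.
    //   nbf - Not before time. The time when the token becomes effective.
    //   oid - Object identifier (ID) of the user object
    //         in Azure Active Directory (AD).
    //   sub - Token subject identifier.
    //   tid - Tenant identifier of the Azure AD tenant that issued the token.
    //   unique_name - A unique identifier that can be displayed to the user.
    //   upn - User principal name.
    //   ver - Version.
    // NOTE(review): every claim is copied under its own name, so a claim
    // whose name matches an existing session key (including the token
    // response keys stored just above) overwrites that key. Consider
    // copying only the claims the application actually reads.
    foreach ($claims as $key => $value) {
        $_SESSION[$key] = $value;
    }
}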