
Force re-login for oAuth2 [Office365 Rest Api]

So I have recently integrated the new Office365 Rest API with PHP and have it working successfully with the Contacts API.

The system will generate the request URL and redirect the user back once authentication is complete, which works perfectly fine. However, if you go back to the script it will automatically log you through the process again, as Office365 does not force reauthorisation.

Our script currently allows multiple users to sync their accounts with our system; however, this is only letting one user perform this per browser session.

    require_once('./src/Office365_Client.php');
    $client = new Office365_Client();
    $forward_url = $client->createAuthUrl();
    if (isset($_GET['code'])) {
        // Back from Office365 with an authorization code: exchange it for tokens
        $code = $_GET['code'];
        $client->setCode($code);
        $responseObj = $client->getTokens();

        $access_token = $client->getAccessToken();
        $refresh_token = $client->getRefreshToken();

        $_SESSION['access_token'] = $access_token;
        // $instance_url is not defined anywhere in this snippet
        $_SESSION['instance_url'] = $instance_url;

        $icustomer = (isset($_SESSION['icustomer'])) ? $_SESSION['icustomer'] : false;
        // Tokens are URL-encoded so special characters survive the redirect;
        // values in a query string also end up in browser history and server logs
        header("location: " . $_SESSION['redirUrl'] . "?crm=office365&access_token=" . urlencode($access_token) . "&refresh_token=" . urlencode($refresh_token));
        exit; // stop here so nothing else runs after the redirect header

        // LOAD CONTACTS
        //$client->getContactsFolders();
    } else {
        // No code yet: send the user to the Office365 authorization endpoint
        header("location: $forward_url");
        exit;
    }

Ideally it should work as follows:

User visits our website -> We generate Auth URL and the user is redirected to the Login Page for Office365 (They will then need to authenticate if they have not previously done so) -> Once complete this will return them back to our selection screen with their code ready for their access token to be created. If the user wishes to add a different Office365 account they should be able to go through that process again without using a different browser.

Warren Doyle asked Oct 21 '25 11:10


1 Answer

Add prompt=login to the authorization request, so:

    header("location: $forward_url" . "&prompt=login");
Hans Z. answered Oct 23 '25 00:10
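The string concatenation in the answer assumes the authorization URL already carries a query string and no `prompt` value. As an added example (not part of the original answer and not Office365_Client code), the hypothetical helper `withPrompt()` below sets the parameter by parsing and rebuilding the URL; the sample URL, host and client_id are constructed placeholders.

```php
<?php
// Added example: set the OAuth2/OIDC "prompt" parameter on an authorization
// URL without assuming how that URL was built. withPrompt() is a hypothetical
// helper name, not an Office365_Client method.

/**
 * Return $authUrl with its "prompt" query parameter set to $prompt.
 * Works whether or not the URL already has a query string or a prompt value.
 */
function withPrompt(string $authUrl, string $prompt = 'login'): string
{
    // Values defined by OpenID Connect Core; reject anything else.
    $allowed = ['none', 'login', 'consent', 'select_account'];
    if (!in_array($prompt, $allowed, true)) {
        throw new InvalidArgumentException("Unsupported prompt value: $prompt");
    }

    $parts = parse_url($authUrl);
    if ($parts === false || ($parts['scheme'] ?? '') !== 'https' || empty($parts['host'])) {
        throw new InvalidArgumentException('Authorization URL must be an absolute https URL');
    }

    // Merge into the existing parameters so "prompt" is never duplicated.
    // Note: parse_str() rewrites dots and spaces in parameter *names* to
    // underscores; standard OAuth2 parameter names contain neither.
    parse_str($parts['query'] ?? '', $query);
    $query['prompt'] = $prompt;

    $url = 'https://' . $parts['host'];
    if (isset($parts['port'])) {
        $url .= ':' . $parts['port'];
    }
    $url .= ($parts['path'] ?? '/') . '?'
          . http_build_query($query, '', '&', PHP_QUERY_RFC3986);

    return $url;
}

// Constructed sample URL (placeholder host and client_id), carrying prompt=none
// to show that an existing value is replaced rather than appended a second time.
$sample = 'https://login.example.com/oauth2/authorize?response_type=code'
        . '&client_id=PLACEHOLDER&redirect_uri=https%3A%2F%2Fapp.example.com%2Fcb&prompt=none';

echo withPrompt($sample), PHP_EOL;
```

In the question's script this would replace the final redirect with `header("location: " . withPrompt($forward_url));`.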


