我正在尝试使用https://github.com/magium/active-directory列出已分配用户的组。我已经通过并授予了Group.Read.All权限
function test()
{
session_start();
$config = [
'authentication' => [
'ad' => [
'client_id' =>,
'client_secret' =>,
'return_url' =>,
'enabled' =>,
'directory' =>
]
]
];
$request = new \Zend\Http\PhpEnvironment\Request();
$ad = new \Magium\ActiveDirectory\ActiveDirectory(
new \Magium\Configuration\Config\Repository\ArrayConfigurationRepository($config),
Zend\Psr7Bridge\Psr7ServerRequest::fromZend(new \Zend\Http\PhpEnvironment\Request()),
null, null, "profile openid email offline_access User.Read Group.Read.All ");
try {
$entity = $ad->authenticate();
echo $entity->getName() . '<Br />';
echo $entity->getOid() . '<Br />';
echo $entity->getPreferredUsername() . '<Br />';
echo "<pre>";
print_r($entity);
echo "</pre>";
}
catch(Magium\ActiveDirectory\InvalidRequestException $e)
{
echo "<pre>";
print_r($e);
echo "</pre>";
}
}
我有点想知道是否可以使用上述存储库而不进行手动图形调用来获取用户的组
对此有任何进一步的指导吗?
答案 0 :(得分:0)
$request = new \GuzzleHttp\Client();
$result = $request->request("GET","https://graph.microsoft.com/v1.0/me/memberOf",[
'headers' => [
'Authorization' => 'Bearer ' . $entity->getAccessToken(),
'Content-Type' => 'application/json;odata.metadata=minimal;odata.streaming=true'
]
]
);
echo "<pre>";
print_r(json_decode($result->getBody()->getContents()));
echo "</pre>";
只需手动调用/ me / memerOf
图形api列表-
https://docs.microsoft.com/en-us/graph/api/user-list-memberof?view=graph-rest-1.0&tabs=http
从问题中采取的建议路线-https://github.com/magium/active-directory/issues/26