我正在尝试使用Azure AD在Laravel应用程序中启用身份验证。 我使用此Repository中的代码来执行此操作。 我遇到的问题之一是,我无法访问B2C策略,因此我尝试在没有策略的情况下执行此操作,这就是我的getMetadata函数
public function getMetadata($policy_name) {
require "settings.php";
$metadata_endpoint = $metadata_endpoint_begin; // . $policy_name;
$this->metadata = $this->getEndpointData($metadata_endpoint);
}
您可以看到此处未使用策略名称。如果没有政策,甚至可以这样做吗?
当我按下登录按钮时,它将运行此功能...
public function login()
{
require app_path()."/Http/Controllers/settings.php";
require app_path()."/Http/Controllers/EndpointHandler.php";
// Set cookie for state
$state = rand();
setcookie("state", $state);
// Redirect to sign up/sign in page
$endpoint_handler = new EndpointHandler($generic_policy);
$authorization_endpoint = $endpoint_handler->getAuthorizationEndpoint()."&state=generic"."+". $state;
return redirect($authorization_endpoint);
}
...它会将我定向到一个login.microsoftonline.com / ...网站,我可以在其中输入我的凭据,但是当我完成此操作后,它会将我重定向到我的欢迎页面https://bcompetent.bertrandt.com/fleetbookingtest/public/,但它没有没有显示我的欢迎页面,但显示500服务器错误
我知道调用了validateSignature函数(如下所示),因为它在RSA之前输出我的回声“
”,但是在RSA之后却不显示我的回声“
”,所以我猜它没有调用“ Crypt_RSA();”功能。
该行需要app_path()。“ / Http / Controllers / phpseclib / Crypt / RSA.php”;在脚本中,因此应该看到该功能。 Crypt_RSA的构造函数也粘贴在validateSignature方法下(在它的开头也没有出现回声。有人能想象为什么不调用此函数以及为什么会出现500 Server错误吗?
ValidateSignature和Crypt_RSA构造函数:
// Validates the RSA signature on the token
private function validateSignature() {
// Get kid from header
$kid = getClaim("kid", $this->head);
// Get public key
$key_data = $this->endpointHandler->getJwksUriData();
// Extract e and n from the public key
$e_regex = '/"kid":\W*"' . $kid . '.*"e":\W*"([^"]+)/';
$e_array = array();
preg_match($e_regex, $key_data, $e_array);
$n_regex = '/"kid":\W*"' . $kid . '.*"n":\W*"([^"]+)/';
$n_array = array();
preg_match($n_regex, $key_data, $n_array);
// 'e' and 'n' are base64 URL encoded, change to just base64 encoding
$e = $this->convert_base64url_to_base64($e_array[1]);
$n = $this->convert_base64url_to_base64($n_array[1]);
echo "<br>before RSA";
// Convert RSA(e,n) format to PEM format
$rsa = new Crypt_RSA();
echo "<br>after RSA";
var_dump($rsa);
$rsa->setPublicKey('<RSAKeyValue>
<Modulus>' . $n . '</Modulus>
<Exponent>' . $e . '</Exponent>
</RSAKeyValue>');
$public_key = $rsa->getPublicKey();
var_dump($public_key);
// Verify Signature
$to_verify_data = $this->id_token_array[0] . "." . $this->id_token_array[1];
$to_verify_sig = base64_decode($this->convert_base64url_to_base64(($this->id_token_array[2])));
$verified = openssl_verify($to_verify_data, $to_verify_sig, $public_key, OPENSSL_ALGO_SHA256);
var_dump($verified);
return $verified;
}
function __construct()
{
echo "<br><br>RSA";
if (!class_exists('Math_BigInteger')) {
include_once 'Math/BigInteger.php';
}
$this->configFile = CRYPT_RSA_OPENSSL_CONFIG;
if (!defined('CRYPT_RSA_MODE')) {
switch (true) {
// Math/BigInteger's openssl requirements are a little less stringent than Crypt/RSA's. in particular,
// Math/BigInteger doesn't require an openssl.cfg file whereas Crypt/RSA does. so if Math/BigInteger
// can't use OpenSSL it can be pretty trivially assumed, then, that Crypt/RSA can't either.
case defined('MATH_BIGINTEGER_OPENSSL_DISABLE'):
define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
break;
// openssl_pkey_get_details - which is used in the only place Crypt/RSA.php uses OpenSSL - was introduced in PHP 5.2.0
case !function_exists('openssl_pkey_get_details'):
define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
break;
case extension_loaded('openssl') && version_compare(PHP_VERSION, '4.2.0', '>=') && file_exists($this->configFile):
// some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work
ob_start();
@phpinfo();
$content = ob_get_contents();
ob_end_clean();
preg_match_all('#OpenSSL (Header|Library) Version(.*)#im', $content, $matches);
$versions = array();
if (!empty($matches[1])) {
for ($i = 0; $i < count($matches[1]); $i++) {
$fullVersion = trim(str_replace('=>', '', strip_tags($matches[2][$i])));
// Remove letter part in OpenSSL version
if (!preg_match('/(\d+\.\d+\.\d+)/i', $fullVersion, $m)) {
$versions[$matches[1][$i]] = $fullVersion;
} else {
$versions[$matches[1][$i]] = $m[0];
}
}
}
// it doesn't appear that OpenSSL versions were reported upon until PHP 5.3+
switch (true) {
case !isset($versions['Header']):
case !isset($versions['Library']):
case $versions['Header'] == $versions['Library']:
case version_compare($versions['Header'], '1.0.0') >= 0 && version_compare($versions['Library'], '1.0.0') >= 0:
define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_OPENSSL);
break;
default:
define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
define('MATH_BIGINTEGER_OPENSSL_DISABLE', true);
}
break;
default:
define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
}
}
$this->zero = new Math_BigInteger();
$this->one = new Math_BigInteger(1);
$this->hash = new Crypt_Hash('sha1');
$this->hLen = $this->hash->getLength();
$this->hashName = 'sha1';
$this->mgfHash = new Crypt_Hash('sha1');
$this->mgfHLen = $this->mgfHash->getLength();
}