PHP Extension
PHP Extension
Azure Fetch OpenID Connect metadata document
See more OIDC Examples
Downloads the OpenID Connect self-discovery document for an Azure OIDC enabled app.Chilkat PHP Extension Downloads
<?php
include("chilkat.php");
$success = false;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
$http = new CkHttp();
$http->put_Accept('application/json');
// See the Microsoft Azure OIDC documentation at https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc
// The "tenant" can take one of four values described in the documentation at the link above.
$success = $http->SetUrlVar('tenant','6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd');
$resp = new CkHttpResponse();
$success = $http->HttpNoBody('GET','https://login.microsoftonline.com/{$tenant}/v2.0/.well-known/openid-configuration',$resp);
if ($success == false) {
print $http->lastErrorText() . "\n";
exit;
}
print 'Response Status Code: ' . $resp->get_StatusCode() . "\n";
$json = new CkJsonObject();
$json->Load($resp->bodyStr());
$json->put_EmitCompact(false);
print $json->emit() . "\n";
if ($resp->get_StatusCode() != 200) {
print 'Failed.' . "\n";
exit;
}
// Sample output...
// (See the parsing code below..)
//
// Use the this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
// {
// "token_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/token",
// "token_endpoint_auth_methods_supported": [
// "client_secret_post",
// "private_key_jwt",
// "client_secret_basic"
// ],
// "jwks_uri": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/discovery/v2.0/keys",
// "response_modes_supported": [
// "query",
// "fragment",
// "form_post"
// ],
// "subject_types_supported": [
// "pairwise"
// ],
// "id_token_signing_alg_values_supported": [
// "RS256"
// ],
// "response_types_supported": [
// "code",
// "id_token",
// "code id_token",
// "id_token token"
// ],
// "scopes_supported": [
// "openid",
// "profile",
// "email",
// "offline_access"
// ],
// "issuer": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/v2.0",
// "request_uri_parameter_supported": false,
// "userinfo_endpoint": "https://graph.microsoft.com/oidc/userinfo",
// "authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/authorize",
// "device_authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/devicecode",
// "http_logout_supported": true,
// "frontchannel_logout_supported": true,
// "end_session_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/logout",
// "claims_supported": [
// "sub",
// "iss",
// "cloud_instance_name",
// "cloud_instance_host_name",
// "cloud_graph_host_name",
// "msgraph_host",
// "aud",
// "exp",
// "iat",
// "auth_time",
// "acr",
// "nonce",
// "preferred_username",
// "name",
// "tid",
// "ver",
// "at_hash",
// "c_hash",
// "email"
// ],
// "kerberos_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/kerberos",
// "tenant_region_scope": "NA",
// "cloud_instance_name": "microsoftonline.com",
// "cloud_graph_host_name": "graph.windows.net",
// "msgraph_host": "graph.microsoft.com",
// "rbac_url": "https://pas.windows.net"
// }
$token_endpoint = $json->stringOf('token_endpoint');
$jwks_uri = $json->stringOf('jwks_uri');
$issuer = $json->stringOf('issuer');
$request_uri_parameter_supported = $json->BoolOf('request_uri_parameter_supported');
$userinfo_endpoint = $json->stringOf('userinfo_endpoint');
$authorization_endpoint = $json->stringOf('authorization_endpoint');
$device_authorization_endpoint = $json->stringOf('device_authorization_endpoint');
$http_logout_supported = $json->BoolOf('http_logout_supported');
$frontchannel_logout_supported = $json->BoolOf('frontchannel_logout_supported');
$end_session_endpoint = $json->stringOf('end_session_endpoint');
$kerberos_endpoint = $json->stringOf('kerberos_endpoint');
$tenant_region_scope = $json->stringOf('tenant_region_scope');
$cloud_instance_name = $json->stringOf('cloud_instance_name');
$cloud_graph_host_name = $json->stringOf('cloud_graph_host_name');
$msgraph_host = $json->stringOf('msgraph_host');
$rbac_url = $json->stringOf('rbac_url');
$i = 0;
$count_i = $json->SizeOfArray('token_endpoint_auth_methods_supported');
while ($i < $count_i) {
$json->put_I($i);
$strVal = $json->stringOf('token_endpoint_auth_methods_supported[i]');
$i = $i + 1;
}
$i = 0;
$count_i = $json->SizeOfArray('response_modes_supported');
while ($i < $count_i) {
$json->put_I($i);
$strVal = $json->stringOf('response_modes_supported[i]');
$i = $i + 1;
}
$i = 0;
$count_i = $json->SizeOfArray('subject_types_supported');
while ($i < $count_i) {
$json->put_I($i);
$strVal = $json->stringOf('subject_types_supported[i]');
$i = $i + 1;
}
$i = 0;
$count_i = $json->SizeOfArray('id_token_signing_alg_values_supported');
while ($i < $count_i) {
$json->put_I($i);
$strVal = $json->stringOf('id_token_signing_alg_values_supported[i]');
$i = $i + 1;
}
$i = 0;
$count_i = $json->SizeOfArray('response_types_supported');
while ($i < $count_i) {
$json->put_I($i);
$strVal = $json->stringOf('response_types_supported[i]');
$i = $i + 1;
}
$i = 0;
$count_i = $json->SizeOfArray('scopes_supported');
while ($i < $count_i) {
$json->put_I($i);
$strVal = $json->stringOf('scopes_supported[i]');
$i = $i + 1;
}
$i = 0;
$count_i = $json->SizeOfArray('claims_supported');
while ($i < $count_i) {
$json->put_I($i);
$strVal = $json->stringOf('claims_supported[i]');
$i = $i + 1;
}
?>