Fix for AuthenticationContext.acquireAppOnlyAccessTokenWithCert method: recognize site context

Author: vgrem

examples/SharePoint/ConnectWithCert.php

@@ -7,9 +7,8 @@
  * 1. generate Self-Signed SSL Certificate
  *    - generate a private key:  openssl genrsa -out private.key 2048
  *    - generate a public key:  openssl req -new -x509 -key private.key -out publickey.cer -days 365
- * 2. upload the publickey.cer to your app in the Azure portal
- * 3. note the displayed thumbprint for the certificate
- * 4. initialize ClientContext instance and pass thumbprint and the contents of private.key
+ * 2. upload the publickey.cer to your app in the Azure portal and note the displayed thumbprint for the certificate
+ * 3. initialize ClientContext instance and pass thumbprint and the contents of private.key
  *    along with tenantName and clientId into withClientCertificate method
  *
  * Documentation: https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread
@@ -18,21 +17,16 @@
 require_once __DIR__ . '/../vendor/autoload.php';
 $settings = include(__DIR__ . './../../tests/Settings.php');
 
-use Office365\Runtime\Auth\ClientCredential;
 use Office365\SharePoint\ClientContext;
 
-try {
 
-    $thumbprint = "054343442AC255DD07488910C7E000F92227FD98";
-    $privateKey = file_get_contents("./private.key");
+$thumbprint = "054343442AC255DD07488910C7E000F92227FD98";
+$privateKey = file_get_contents("./private.key");
 
-    $credentials = new ClientCredential($settings['ClientId'], $settings['ClientSecret']);
-    $ctx = (new ClientContext($settings['Url']))->withClientCertificate(
-        $settings['TenantName'], $settings['ClientId'], $privateKey, $thumbprint);
+$ctx = (new ClientContext($settings['Url']))->withClientCertificate(
+    $settings['TenantName'], $settings['ClientId'], $privateKey, $thumbprint);
 
-    $whoami = $ctx->getWeb()->getCurrentUser()->get()->executeQuery();
-    print $whoami->getLoginName();
-}
-catch (Exception $e) {
-	echo 'Authentication failed: ',  $e->getMessage(), "\n";
-}
+//$whoami = $ctx->getWeb()->getCurrentUser()->get()->executeQuery();
+//print $whoami->getLoginName();
+$web = $ctx->getWeb()->get()->executeQuery();
+print $web->getUrl();

src/Runtime/Auth/AuthenticationContext.php

@@ -113,7 +113,9 @@ public function acquireAppOnlyAccessToken($clientId, $clientSecret){
      */
     public function acquireAppOnlyAccessTokenWithCert($credentials){
         if(!isset($credentials->Scope)){
-            $credentials->Scope[] = "{$this->authorityUrl}/.default";
+            $hostInfo = parse_url($this->authorityUrl);
+            $defaultScope =  $hostInfo['scheme'] . '://' . $hostInfo['host'] . '/.default';
+            $credentials->Scope[] = $defaultScope;
         }
         $this->provider = new AADTokenProvider($credentials->Tenant);
         $this->accessToken = $this->provider->acquireTokenForClientCertificate($credentials);

src/SharePoint/ClientContext.php

@@ -147,6 +147,8 @@ public function withCredentials($credential)
     }
 
     /**
+     * Creates authenticated SharePoint context via certificate credentials
+     *
      * @return ClientContext
      */
     public function withClientCertificate($tenant, $clientId, $privateKey, $thumbprint, $scopes=null){

tests/Settings.php

@@ -19,10 +19,3 @@
 );
 
 
-
-
-
-
-
-
-