
Azure REST API - Is it possible to use existing Azure tenant users in php CMS and use and check their credentials remotely?

Situation background:

We have a company Azure with dozens of existing users with existing credentials for Azure access.

Beside that, we have a CMS (in PHP) on separate webhosting (no relationship with Azure, not hosted under Azure).

What we need:

All existing Azure users will be able to access our web CMS, and we have a dilemma whether it will be possible for the CMS (PHP script) to check credentials remotely by requesting the Azure API.

Or even better, if the user is already logged in to an Azure account and has an active cookie (like in Facebook), the CMS would only request some user details, check the user's tenant and domain, and allow access automatically without any login form.

The best would be to combine both mentioned.

The goal is:

PHP script checking "Azure login cookie" (such as Facebook?) and ensuring communication with Azure API giving params like email and password and receiving true/false if some Azure user exists for the given credentials.

Appreciate any help and tips, regards, Jan.

There is no such Azure AD API that provides a service to check credentials. And the flow described above requires users to enter their Azure AD credentials in your app, which is more like phishing and easily leaks the users' credentials.

If you want to authenticate your apps via Azure AD, you can use the OpenID Connect standard protocol. Here is the authentication flow using OpenID Connect for your reference:

For more detail about authorizing access to web applications using OpenID Connect and Azure Active Directory, you can refer here.
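The CMS side of the OpenID Connect sign-in recommended above, sketched in PHP as an added example that is not part of the original answer. The tenant ID, client ID, redirect URI and function names are placeholders, and the ID token's signature is assumed to have been verified by a JWT library before the claim checks run.

```php
<?php
// Placeholders for your own Azure AD app registration (assumed values).
const TENANT_ID    = '00000000-0000-0000-0000-000000000000';
const CLIENT_ID    = '11111111-1111-1111-1111-111111111111';
const REDIRECT_URI = 'https://cms.example.com/oidc/callback';

// Step 1: redirect the browser to Azure AD. The CMS never sees the password.
function build_authorize_url(string $state, string $nonce): string
{
    $query = http_build_query([
        'client_id'     => CLIENT_ID,
        'response_type' => 'code',
        'redirect_uri'  => REDIRECT_URI,
        'response_mode' => 'query',
        'scope'         => 'openid profile email',
        'state'         => $state, // CSRF protection, compared on callback
        'nonce'         => $nonce, // replay protection, echoed in ID token
    ]);
    return 'https://login.microsoftonline.com/' . TENANT_ID
         . '/oauth2/v2.0/authorize?' . $query;
}

// Step 2: after the code has been exchanged at the token endpoint and the
// ID token signature verified, accept only tokens issued for this tenant/app.
function id_token_claims_ok(array $claims, string $expectedNonce, int $now): bool
{
    $issuer = 'https://login.microsoftonline.com/' . TENANT_ID . '/v2.0';
    return ($claims['iss'] ?? '') === $issuer
        && ($claims['aud'] ?? '') === CLIENT_ID
        && ($claims['tid'] ?? '') === TENANT_ID
        && (int)($claims['exp'] ?? 0) > $now
        && hash_equals($expectedNonce, (string)($claims['nonce'] ?? ''));
}

// Constructed sample: a decoded ID token payload for a user of this tenant.
$state  = bin2hex(random_bytes(16)); // keep both values in the PHP session
$nonce  = bin2hex(random_bytes(16));
$claims = [
    'iss'   => 'https://login.microsoftonline.com/' . TENANT_ID . '/v2.0',
    'aud'   => CLIENT_ID,
    'tid'   => TENANT_ID,
    'exp'   => time() + 3600,
    'nonce' => $nonce,
    'preferred_username' => 'jan@example.com',
];
echo build_authorize_url($state, $nonce), "\n";
var_dump(id_token_claims_ok($claims, $nonce, time())); // own tenant
$claims['tid'] = '22222222-2222-2222-2222-222222222222'; // foreign tenant
var_dump(id_token_claims_ok($claims, $nonce, time()));
```

If the user already has an active Azure AD session in the browser, the redirect in step 1 usually returns without showing a login form, which covers the "active cookie" case from the question.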
