AuthorizationUrl is not correct

[dbrmr]

Hello,

I am trying to upgrade my application to use msgraph-sdk-php v2 and found this issue in this package.

$tokenRequestContext = new AuthorizationCodeContext(
    'tenantId', 'clientId', 'clientSecret', 'authCode', 'redirectUri');

$scopes = ['User.Read'];
$authProvider = new GraphPhpLeagueAuthenticationProvider($tokenRequestContext, $scopes);
$redirectUrl = $authProvider->getAccessTokenProvider()
    ->getOauthProvider()->getAuthorizationUrl();

The authorization url is not correct because of:

1. AADSTS900144: The request body must contain the following parameter: 'client_id'.
2. AADSTS900144: The request body must contain the following parameter: 'scope'.
3. Also the redirectUri is missing, there is no specific error for this, but it is necessary.

The clientId and redirectId issues could be fixed in the ProviderFactory class when creating the GenericProvider.
The scopes issue could be fixed in the PhpLeagueAccessTokenProvider constructor and pass them to the ProviderFactory::create, and then to the GenericProvider.

The goal is to have the League\OAuth2\Client\Provider\GenericProvider class fully equipped, which might also require passing the clientSecret to it, but it is not necessary for getAuthorizationUrl().

I can imagine that this fix might not be as simple as I described, but if you could look into it, it would be greatly appreciated.

Thanks!

[tarkanaydin]

PhpLeagueAccessTokenProvider is missing to include $scopes in parameter list of ProviderFactory->create

kiota-authentication-phpleague-php/src/PhpLeagueAccessTokenProvider.php

Line 94 in 3335c7d

$this->oauthProvider = $oauthProvider ?? ProviderFactory::create($tokenRequestContext);

Also, ProviderFactory->create method is missing to include neccesary data that $tokenRequestContext when creating GenericProvider as $clientOptions is empty

kiota-authentication-phpleague-php/src/Oauth/ProviderFactory.php

Lines 41 to 51 in 3335c7d

	$allOptions = array_merge(
	[
	'urlAccessToken' => "$tokenServiceBaseUrl/{$tokenRequestContext->getTenantId()}/oauth2/v2.0/token",
	'urlAuthorize' => "$tokenServiceBaseUrl/{$tokenRequestContext->getTenantId()}/oauth2/v2.0/authorize",
	'urlResourceOwnerDetails' => "$userInfoServiceBaseUrl/oidc/userinfo",
	'accessTokenResourceOwnerId' => 'id_token'
	], $clientOptions
	);
	return new GenericProvider($allOptions, $collaborators + [
	'grantFactory' => $grantFactory
	]);

[dbrmr]

PhpLeagueAccessTokenProvider is missing to include $scopes in parameter list of ProviderFactory->create

kiota-authentication-phpleague-php/src/PhpLeagueAccessTokenProvider.php

Line 94 in 3335c7d

$this->oauthProvider = $oauthProvider ?? ProviderFactory::create($tokenRequestContext);

Also, ProviderFactory->create method is missing to include neccesary data that $tokenRequestContext when creating GenericProvider as $clientOptions is empty

kiota-authentication-phpleague-php/src/Oauth/ProviderFactory.php

Lines 41 to 51 in 3335c7d

	$allOptions = array_merge(
	[
	'urlAccessToken' => "$tokenServiceBaseUrl/{$tokenRequestContext->getTenantId()}/oauth2/v2.0/token",
	'urlAuthorize' => "$tokenServiceBaseUrl/{$tokenRequestContext->getTenantId()}/oauth2/v2.0/authorize",
	'urlResourceOwnerDetails' => "$userInfoServiceBaseUrl/oidc/userinfo",
	'accessTokenResourceOwnerId' => 'id_token'
	], $clientOptions
	);
	return new GenericProvider($allOptions, $collaborators + [
	'grantFactory' => $grantFactory
	]);

Thanks for your input.

I ended giving up on using the php sdk, and moved everything talking to the MS Graph to a .NET component.