diff --git a/datamodels/2.x/itop-oauth-client/assets/js/oauth_connect.js b/datamodels/2.x/itop-oauth-client/assets/js/oauth_connect.js
index 6b8b6c801..7b0635b33 100644
--- a/datamodels/2.x/itop-oauth-client/assets/js/oauth_connect.js
+++ b/datamodels/2.x/itop-oauth-client/assets/js/oauth_connect.js
@@ -92,6 +92,8 @@ const OAuthConnect = function(sClass, sId, sAjaxUri) {
function (oData) {
if (oData.status === 'success') {
oOpenSignInWindow(oData.data.authorization_url, 'OAuth authorization')
+ } else {
+ CombodoModal.OpenErrorModal(oData.error_description);
}
}
);
diff --git a/datamodels/2.x/itop-oauth-client/datamodel.itop-oauth-client.xml b/datamodels/2.x/itop-oauth-client/datamodel.itop-oauth-client.xml
index b934aba00..3e82b7533 100644
--- a/datamodels/2.x/itop-oauth-client/datamodel.itop-oauth-client.xml
+++ b/datamodels/2.x/itop-oauth-client/datamodel.itop-oauth-client.xml
@@ -380,6 +380,11 @@ HTML
no
true
+
+ tenant
+ common
+ false
+
@@ -405,15 +410,18 @@ HTML
-
50
- -
+
-
60
- -
+
-
70
- -
+
-
80
+ -
+ 90
+
diff --git a/datamodels/2.x/itop-oauth-client/dictionaries/en.dict.itop-oauth-client.php b/datamodels/2.x/itop-oauth-client/dictionaries/en.dict.itop-oauth-client.php
index 2b179f0de..05a7b2237 100644
--- a/datamodels/2.x/itop-oauth-client/dictionaries/en.dict.itop-oauth-client.php
+++ b/datamodels/2.x/itop-oauth-client/dictionaries/en.dict.itop-oauth-client.php
@@ -93,6 +93,8 @@ Dict::Add('EN US', 'English', 'English', array(
'Class:OAuthClientAzure/Attribute:used_for_smtp+' => 'At least one OAuth client must have this flag to “Yes”, if you want iTop to use it for sending mails',
'Class:OAuthClientAzure/Attribute:used_for_smtp/Value:yes' => 'Yes',
'Class:OAuthClientAzure/Attribute:used_for_smtp/Value:no' => 'No',
+ 'Class:OAuthClientAzure/Attribute:tenant' => 'Tenant',
+ 'Class:OAuthClientAzure/Attribute:tenant+' => 'Tenant ID of the configured application. For multi-tenant application, use "common".',
));
//
diff --git a/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php b/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php
index 723fc189d..d336ae026 100644
--- a/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php
+++ b/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php
@@ -10,6 +10,7 @@ use cmdbAbstractObject;
use Combodo\iTop\Application\TwigBase\Controller\Controller;
use Combodo\iTop\Core\Authentication\Client\OAuth\OAuthClientProviderFactory;
use Dict;
+use Exception;
use IssueLog;
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use MetaModel;
@@ -32,8 +33,13 @@ class AjaxOauthClientController extends Controller
$aResult = ['status' => 'success', 'data' => []];
- $sAuthorizationUrl = OAuthClientProviderFactory::GetAuthorizationUrl($oOAuthClient);
- $aResult['data']['authorization_url'] = $sAuthorizationUrl;
+ try {
+ $sAuthorizationUrl = OAuthClientProviderFactory::GetAuthorizationUrl($oOAuthClient);
+ $aResult['data']['authorization_url'] = $sAuthorizationUrl;
+ } catch (Exception $oException) {
+ $aResult['status'] = 'error';
+ $aResult['error_description'] = $oException->getMessage();
+ }
$this->DisplayJSONPage($aResult);
}
diff --git a/sources/Core/Authentication/Client/OAuth/OAuthClientProviderAzure.php b/sources/Core/Authentication/Client/OAuth/OAuthClientProviderAzure.php
index 667d5875a..e77141d72 100644
--- a/sources/Core/Authentication/Client/OAuth/OAuthClientProviderAzure.php
+++ b/sources/Core/Authentication/Client/OAuth/OAuthClientProviderAzure.php
@@ -20,8 +20,9 @@ class OAuthClientProviderAzure extends OAuthClientProviderAbstract
'clientId' => $oOAuthClient->Get('client_id'),
'clientSecret' => $oOAuthClient->Get('client_secret'),
'redirectUri' => $oOAuthClient->Get('redirect_url'),
+ 'tenant' => $oOAuthClient->Get('tenant'),
];
$this->oVendorProvider = new Azure($aOptions, $collaborators);
}
-}
\ No newline at end of file
+}