Merge remote-tracking branch 'origin/support/3.0' into support/3.1

datamodels/2.x/itop-oauth-client/assets/js/oauth_connect.js

@@ -92,6 +92,8 @@ const OAuthConnect = function(sClass, sId, sAjaxUri) {
 		function (oData) {
 			if (oData.status === 'success') {
 				oOpenSignInWindow(oData.data.authorization_url, 'OAuth authorization')
+			} else {
+				CombodoModal.OpenErrorModal(oData.error_description);
 			}
 		}
 	);

datamodels/2.x/itop-oauth-client/datamodel.itop-oauth-client.xml

@@ -380,6 +380,11 @@ HTML
           <default_value>no</default_value>
           <is_null_allowed>true</is_null_allowed>
         </field>
+        <field id="tenant" xsi:type="AttributeString">
+          <sql>tenant</sql>
+          <default_value>common</default_value>
+          <is_null_allowed>false</is_null_allowed>
+        </field>
       </fields>
       <presentation>
         <details>
@@ -405,15 +410,18 @@ HTML
                     <item id="redirect_url">
                       <rank>50</rank>
                     </item>
-                    <item id="client_id">
+                    <item id="tenant">
                       <rank>60</rank>
                     </item>
-                    <item id="client_secret">
+                    <item id="client_id">
                       <rank>70</rank>
                     </item>
-                    <item id="mailbox_list">
+                    <item id="client_secret">
                       <rank>80</rank>
                     </item>
+                    <item id="mailbox_list">
+                      <rank>90</rank>
+                    </item>
                   </items>
                 </item>
               </items>

datamodels/2.x/itop-oauth-client/dictionaries/en.dict.itop-oauth-client.php

@@ -93,6 +93,8 @@ Dict::Add('EN US', 'English', 'English', array(
 	'Class:OAuthClientAzure/Attribute:used_for_smtp+' => 'At least one OAuth client must have this flag to “Yes”, if you want iTop to use it for sending mails',
 	'Class:OAuthClientAzure/Attribute:used_for_smtp/Value:yes' => 'Yes',
 	'Class:OAuthClientAzure/Attribute:used_for_smtp/Value:no' => 'No',
+    'Class:OAuthClientAzure/Attribute:tenant' => 'Tenant',
+    'Class:OAuthClientAzure/Attribute:tenant+' => 'Tenant ID of the configured application. For multi-tenant application, use "common".',
 ));
 
 //

datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php

@@ -10,6 +10,7 @@ use cmdbAbstractObject;
 use Combodo\iTop\Application\TwigBase\Controller\Controller;
 use Combodo\iTop\Core\Authentication\Client\OAuth\OAuthClientProviderFactory;
 use Dict;
+use Exception;
 use IssueLog;
 use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
 use MetaModel;
@@ -32,8 +33,13 @@ class AjaxOauthClientController extends Controller
 
 		$aResult = ['status' => 'success', 'data' => []];
 
-		$sAuthorizationUrl = OAuthClientProviderFactory::GetAuthorizationUrl($oOAuthClient);
-		$aResult['data']['authorization_url'] = $sAuthorizationUrl;
+        try {
+            $sAuthorizationUrl = OAuthClientProviderFactory::GetAuthorizationUrl($oOAuthClient);
+            $aResult['data']['authorization_url'] = $sAuthorizationUrl;
+        } catch (Exception $oException) {
+            $aResult['status'] = 'error';
+            $aResult['error_description'] = $oException->getMessage();
+        }
 
 		$this->DisplayJSONPage($aResult);
 	}

sources/Core/Authentication/Client/OAuth/OAuthClientProviderAzure.php

@@ -20,6 +20,7 @@ class OAuthClientProviderAzure extends OAuthClientProviderAbstract
 			'clientId'               => $oOAuthClient->Get('client_id'),
 			'clientSecret'           => $oOAuthClient->Get('client_secret'),
 			'redirectUri'            => $oOAuthClient->Get('redirect_url'),
+            'tenant'                 => $oOAuthClient->Get('tenant'),
 		];
 
 		$this->oVendorProvider = new Azure($aOptions, $collaborators);