N°5775 - Allow configuration of OAuth client on MS Azure with single tenant (#553)

* Add Tenant-Support for Azure OAuthClient * Improvement: Make tenant required * Improvment: Removed check for null-value Since last commit, the "tenant"-field either set to a custom value or "common" by default. It is not allowed to be null * Add field description --------- Co-authored-by: Molkobain <lajarige.guillaume@free.fr>
2026-04-23 18:48:51 +02:00 · 2024-01-24 14:38:54 +01:00
parent 01a955a16f
commit 618d8e6468
3 changed files with 15 additions and 4 deletions
--- a/datamodels/2.x/itop-oauth-client/datamodel.itop-oauth-client.xml
+++ b/datamodels/2.x/itop-oauth-client/datamodel.itop-oauth-client.xml
@@ -339,6 +339,11 @@
          <default_value>no</default_value>
          <is_null_allowed>true</is_null_allowed>
        </field>
+        <field id="tenant" xsi:type="AttributeString">
+          <sql>tenant</sql>
+          <default_value>common</default_value>
+          <is_null_allowed>false</is_null_allowed>
+        </field>
      </fields>
      <presentation>
        <details>
@@ -364,15 +369,18 @@
                    <item id="redirect_url">
                      <rank>50</rank>
                    </item>
-                    <item id="client_id">
+                    <item id="tenant">
                      <rank>60</rank>
                    </item>
-                    <item id="client_secret">
+                    <item id="client_id">
                      <rank>70</rank>
                    </item>
-                    <item id="mailbox_list">
+                    <item id="client_secret">
                      <rank>80</rank>
                    </item>
+                    <item id="mailbox_list">
+                      <rank>90</rank>
+                    </item>
                  </items>
                </item>
              </items>
--- a/datamodels/2.x/itop-oauth-client/en.dict.itop-oauth-client.php
+++ b/datamodels/2.x/itop-oauth-client/en.dict.itop-oauth-client.php
@@ -93,6 +93,8 @@ Dict::Add('EN US', 'English', 'English', array(
 	'Class:OAuthClientAzure/Attribute:used_for_smtp+' => 'At least one OAuth client must have this flag to “Yes”, if you want iTop to use it for sending mails',
 	'Class:OAuthClientAzure/Attribute:used_for_smtp/Value:yes' => 'Yes',
 	'Class:OAuthClientAzure/Attribute:used_for_smtp/Value:no' => 'No',
+    'Class:OAuthClientAzure/Attribute:tenant' => 'Tenant',
+    'Class:OAuthClientAzure/Attribute:tenant+' => 'Tenant ID of the configured application. For multi-tenant application, use common.',
 ));

 //
--- a/sources/Core/Authentication/Client/OAuth/OAuthClientProviderAzure.php
+++ b/sources/Core/Authentication/Client/OAuth/OAuthClientProviderAzure.php
@@ -20,8 +20,9 @@ class OAuthClientProviderAzure extends OAuthClientProviderAbstract
 			'clientId'               => $oOAuthClient->Get('client_id'),
 			'clientSecret'           => $oOAuthClient->Get('client_secret'),
 			'redirectUri'            => $oOAuthClient->Get('redirect_url'),
+            'tenant'                 => $oOAuthClient->Get('tenant'),
 		];

 		$this->oVendorProvider = new Azure($aOptions, $collaborators);
 	}
-}
+}