Mantis Bugtracker 

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0008591TestLinkUser Authentication Methodspublic2019-03-08 17:332020-05-24 09:34
Assigned Tofman 
PrioritynormalSeverityfeature requestReproducibilityN/A
PlatformLinuxOSDebianOS Version9
Product Version1.9.19 (2019 Q1) 
Fixed in Version1.9.20_fixed 
Summary0008591: OAuth enhancement - microsoft oauth provider
DescriptionAdded oauth provider configuration and code to enable authentication using Microsoft accounts

Additional InformationAdded new file microsoftoauth.php (copied relevant sections from login.php) to cater for Microsoft configuration that does not allow redirectURL to contain querystring for security purposes.

Pull request [^]
Database (MySQL,Postgres,etc)mysql
PHP Version7.1
QA Team - Task Workflow StatusTBD
Attached Files

- Relationships

-  Notes
buzzlightyear (reporter)
2019-03-09 13:27
edited on: 2019-03-09 13:31

1. To register an application go to [^]
2. After signing in with your Microsoft account add an application by clicking Add an app.
3. Enter a name for your application and click Create Application
4. The application will be created, and the application details page will be displayed, which will list the Application Id. Click Generate New Password to generate a new password. The generated password will be displayed, copy it to configure it later in TestLink and click Ok
5. Under Platforms click Add Platform and click Web
6. Enter https://yourtestlinkserver/microsoftoauth.php [^] in the Redirect URL and https://yourtestlinkserver [^] in the Logout URL. The User.Read should be displayed under Microsoft Graph permissions by default, click Save at the bottom of the page to store all the changes.
7. Connect to your testlink server, open in a text editor and uncomment the $tlCfg->OAuthServers[1] lines referring to Microsoft below the Github OAuth section
8. Set the oauth_client_id value to the Application Id from
9. Set the oauth_client_secret to the password generated in step 4.
10. Set the redirect_uri to the same value configured in the Redirect URL in step 6.
11. Save the config, and browse to the main page of your TestLink installation using your browser. You should see another button below the normal Log in button with the name Sign in with Microsoft. Click it, and you will be prompted for your Microsoft account details, after which you will have to give consent to the app (TestLink) to read your profile.
12. Click Yes, and you should be returned to your TestLink instance, and be logged in with a user with guest role.
13. You can change this to by default create a user with no rights, by editing and changing the value of $tlCfg->default_roleid to TL_ROLES_NO_RIGHTS;


P.S. Microsoft might prompt (irritate?!) you to view the App configuration in the Azure portal, the instructions above is not for the Azure portal but for [^]

buzzlightyear (reporter)
2019-03-09 13:34

Should you be viewing/editing via Azure, your applications can be viewed by nagigating to [^] and clicking the Applications from personal account next to All applications and Own applications. I've noticed that my application was NOT listed under All applications, only under Applications from personal account.
buzzlightyear (reporter)
2019-03-09 13:56

It is possible to use both Office365 accounts as well as personal Microsoft accounts to authenticate. I configured my application using a free personal Microsoft account.
fman (administrator)
2019-03-14 20:52

Thanks for the details you have added.
fman (administrator)
2020-04-21 17:59

Implementation refactored -> microsoftoauth.php removed
tested OK @20200421

- Issue History
Date Modified Username Field Change
2019-03-08 17:33 buzzlightyear New Issue
2019-03-09 13:27 buzzlightyear Note Added: 0028580
2019-03-09 13:31 buzzlightyear Note Edited: 0028580 View Revisions
2019-03-09 13:34 buzzlightyear Note Added: 0028581
2019-03-09 13:56 buzzlightyear Note Added: 0028582
2019-03-14 20:52 fman Note Added: 0028600
2020-04-21 17:59 fman Note Added: 0029614
2020-04-21 17:59 fman QA Team - Task Workflow Status => TBD
2020-04-21 17:59 fman Fixed in Version => 1.9.20_fixed
2020-04-21 17:59 fman Status new => resolved
2020-04-21 17:59 fman Resolution open => fixed
2020-04-21 17:59 fman Assigned To => fman
2020-05-24 09:34 fman Tag Attached: OAUTH

Copyright © 2000 - 2020 MantisBT Team
Powered by Mantis Bugtracker