MSAL libraries have been announced for:
- .NET (unsurprisingly)
- JavaScript and TypeScript superset framworks
- Android
- iOS and MacOS
- Java (for Windows, macOS and Linux)
- Python (Windows, macOS, and Linux)
But lack of PHP support for SMTP AUTH with Oauth2 will have a devastating impact on the zillions of backend apps that currently use Basic Authentication.
As an example, the hugely popular PHPMailer used, I guess, on every Linux / Apache server in the universe supports Oauth2 for access to Gmail, Yahoo and the older MSFT consumer mail platforms and (with some difficulty) for the Azure AD for developers (v1.0) endpoint but not for the MSFT identity platform (v2.0) endpoint: when pointed at V2.0 in order to use SMTP AUTH for outbound access to O365 Exchange Online, it will fail, even with the obvious changes to ‘authorise’ and ‘token’ endpoint URLs and to scopes (aka permissions).
And SMTP AUTH support has only and understandably been announced for the V2.0 endpoint so there is no way to regress via V1.0, even as a stopgap.
Deprecating Basic Authentication is a sensible move, but Oauth2 is FAR more complex to work with, and since MSFT wants everyone to be on O365 (and why not?), MSAL support for PHP would be appreciated. All the backend PHP apps that need to use Oauth2 to access O365 services will need rework, and it seems sensible integrate MSAL instead of direct calls to the V2.0 endpoint.