Hey there, I see you've been stuck on this curl issue for hours—let's break this down and fix it step by step.

First, let's spot the key issues in your current code:

• Conflicting curl options: You're using both CURLOPT_POST and CURLOPT_CUSTOMREQUEST set to "POST". This is redundant and can cause unexpected behavior—CURLOPT_CUSTOMREQUEST overrides the CURLOPT_POST setting, and you don't need it here for a standard POST request.
• Unreachable error check: Your curl_error($ch) line comes after return $token, so it will never run. That means you're missing critical error details that could tell you exactly what's failing.
• Unclosed curl handle: You forgot to close the curl session with curl_close($ch), which isn't a breaking issue but is good practice.

Here's a revised version of your code with these fixes and proper error handling:

function getToken() {
    echo "start gettoken";
    $postFields = http_build_query([
        "client_id" => "***",
        "scope" => "https://graph.microsoft.com/.default",
        "client_secret" => "***",
        "grant_type" => "client_credentials"
    ]);
    
    $headers = ["Content-Type: application/x-www-form-urlencoded"];
    $ch = curl_init("https://login.microsoftonline.com/***.onmicrosoft.com/oauth2/v2.0/token");
    
    // Standard POST request settings
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $postFields);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    
    // Optional: Disable SSL verification temporarily for debugging (avoid in production!)
    // curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    // curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
    
    $token = curl_exec($ch);
    echo "test after curl";
    
    // Check for curl errors first
    if(curl_errno($ch)) {
        $errorMsg = curl_error($ch);
        echo "Curl Error: " . $errorMsg;
        var_dump($errorMsg);
    } else {
        var_dump($token);
        echo $token;
    }
    
    curl_close($ch); // Clean up the curl session
    return $token;
}

Next, let's go through additional troubleshooting steps based on common pitfalls:

• Confirm curl is properly enabled:

  • Double-check extension=php_curl.dll is uncommented in your php.ini.
  • Restart your web server (Apache/Nginx/IIS) after editing php.ini.
  • Run phpinfo() and search for the curl section to verify it's loaded.

• Fix SSL certificate issues:

  • If disabling SSL verification in the code above makes it work, you need to configure PHP curl to use a valid CA certificate bundle. Download the official CA bundle, save it to your server, and add this line to php.ini: curl.cainfo = "path/to/your/cacert.pem" (replace with the actual file path).

• Validate your request parameters:

  • Ensure your client_id, client_secret, and tenant ID (the ***.onmicrosoft.com part) are all correct.
  • The scope value https://graph.microsoft.com/.default is valid for the client credentials flow, so that part is good.

• Test the request outside PHP:

  • Use terminal curl to test the request directly—this helps isolate if the issue is with PHP or your request:

    curl -X POST https://login.microsoftonline.com/***.onmicrosoft.com/oauth2/v2.0/token \
    -H "Content-Type: application/x-www-form-urlencoded" \
    -d "client_id=***&scope=https://graph.microsoft.com/.default&client_secret=***&grant_type=client_credentials"
    

  • If this works, the problem is in your PHP setup; if not, check your Azure AD app registration (make sure client credentials flow is enabled and the client secret is valid).

Give these changes a try—once you see the curl error message, it'll point you straight to the root cause if the revised code still doesn't work.

内容的提问来源于stack exchange，提问作者Y_Lakdime