Azure密钥保管库访问错误-AADSTS700027:客户端断言包含无效签名.[通过PHP访问时的原因-T(截断..)

我正试图通过使用以下示例将Azure密钥库集成到我的PHP应用程序中。

https://github.com/bentaylorwork/php-azure-key-vault

和使用https://tsmatz.wordpress.com/2017/03/03/azure-rest-api-with-certificate-and-service-principal-by-silent-backend-daemon-service/参考

使用文章中提到的方法和GIT库，我能够从Azure密钥库中获取我的秘密。然而，这里的挑战是，所述方法使用客户端机密而不是证书进行身份验证(这是我的首选方法(。

我已经对上述库进行了相同的更改，并发送了以下认证请求：

public static function getKeyVaultToken(array $azureAppDetails)
{
$guzzle = new GuzzleHttpClient();
$token = $guzzle->post(
"https://login.microsoftonline.com/{$azureAppDetails['appTenantDomainName']}/oauth2/token",
[
'form_params' => [
'client_id'     => $azureAppDetails['clientId'],
'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
'resource'      => 'https://management.azure.com/',
'grant_type'    => 'client_credentials',
'client_assertion' => '', // This contains JWT token consisting with header, payload and digital signature using key.
]
]
)->getBody()->getContents();
return json_decode($token, true)['access_token'];
}

这里的标题，有效载荷如下：

$header = json_encode(['x5t' => 'thumbprint of certificate uploaded on Aazure', 'alg' => 'RS256', 'typ' => 'JWT']);
$payload = json_encode(['aud' => "https://login.microsoftonline.com/$azureAppDetails['appTenantDomainName']/oauth2/token", "exp" => 1609372800, "iss" => "ClientID", "jti" => "77b2b25f-0288-471f-8b44-3f3c134c0d4f","nbf" => 1603929600,"sub" => "ClientID" ]);

此处的客户端断言是以下各项的组合：

base64uriencode($header).base64uriencode($payload).base65uriencode(digitalsignature)

当我发送带有所述参数的上述请求时，我得到以下错误：

Fatal error: Uncaught exception 'GuzzleHttpExceptionClientException' with message 'Client error: `POST https://login.microsoftonline.com/xxxxx.onmicrosoft.com/oauth2/token` resulted in a `401 Unauthorized` response: {"error":"invalid_client","error_description":"AADSTS700027: Client assertion contains an invalid signature. [Reason - T (truncated...)

如果能对我做错的事情提供任何帮助或指导，我们将不胜感激。

提前谢谢。