我尝试使用Passport连接到Office365。我收到auth提示符并返回访问令牌。问题是刷新令牌未定义。
我的设置
// In app.js
const creds = {
redirectUrl: 'http://localhost:3000/token',
clientID: '<myClientId>',
clientSecret: '<mySecret>',
identityMetadata: 'https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration',
allowHttpForRedirectUrl: true, // For development only
accessType: 'offline',
responseType: 'code',
validateIssuer: false, // For development only
responseMode: 'query',
scope: [
'Contacts.Read',
...
]
};
const callback = (iss, sub, profile, accessToken, refreshToken, done) => {
console.log('Refresh Token: ', refreshToken); // this is undefined
done(null, {
profile,
accessToken,
refreshToken
});
};
passport.use(new OIDCStrategy(creds, callback));
// When I authenticate
const passportSettings = {
accessType: 'offline',
approvalPrompt: 'consent'
};
// Authentication request.
router.get('/login', (req, res, next) => {
passport.authenticate('azuread-openidconnect', passportSettings, (err, user, info) => {
// Do stuff.
});
});
我尝试的事情:
accessType设置的位置。我真的不知道为什么这不起作用。使用Google策略只需设置“离线”类型即可。似乎已经足够了。
答案 0 :(得分:1)
您似乎需要将offline_access范围添加到应用注册以及配置中。请参阅https://github.com/AzureAD/passport-azure-ad/issues/322。