使用Node.js Passport的Azure AD身份验证返回此API版本不支持'

时间:2015-10-20 09:22:00

标签: node.js azure passport.js adal

我目前正在开发一个利用Azure AD进行身份验证的应用程序。该应用程序应支持多个租户,但只允许预先定义的租户列表访问该应用程序。使用passport-azure-ad库,我将OIDCStrategy添加到护照中,如下所示:

// Use Azure AD OAuth2 strategy.
passport.use('strategyName', new OIDCStrategy({
    callbackURL: 'http://localhost:8080/oauth2/strategyName/callback',
    clientID: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx',
    clientSecret: 'secret',
    identityMetadata: 'https://login.microsoftonline.com/test.mydomain.com/v2.0/.well-known/openid-configuration',
    responseType: 'id_token',
    responseMode: 'form_post',
    skipUserProfile: true
  },
  function (iss, sub, profile, accessToken, refreshToken, done) {
    console.log(profile);
    done();
}));

在我的路线中,我有以下设置:

// Authentication endpoint.
router.get('/strategyName', app.passport.authenticate('strategyName'));
router.post('/strategyName/callback',
  function (req, res, next) {
    app.passport.authenticate('strategyName', function (err, account) {
      console.log(err);
      console.log(account);
      next(err);
    })(req, res, next);
  }
);

当我访问http://localhost:8080/oauth2/strategyName时,我会被正确地重定向到Microsoft登录页面。但是,在身份验证之后,我在控制台中收到此消息:

{
  "name": "Microsoft OIDC Passport Strategy",
  "hostname": "611b0a5198dd",
  "pid": 60,
  "level": 30,
  "msg": "Body received was:  { error: 'unauthorized_client',\n  error_description: 'AADSTS70001: Application \\'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\\' is not supported for this API version.\\r\\nTrace ID: c8f56153-1125-44ac-af12-55f69b421d36\\r\\nCorrelation ID: d20580ba-75d4-47b9-9497-6a6b02cd72a7\\r\\nTimestamp: 2015-10-20 09:00:15Z' }",
  "time": "2015-10-20T09:00:16.266Z",
  "v": 0
}

我在Azure管理门户中添加了一个名为test.mydomain.com的目录,并且还添加了该应用程序。

Azure Screenshot

0 个答案:

没有答案
相关问题
最新问题