OAuth2登录哪个令牌提供用户详细信息,如电子邮件,用户名

时间:2017-02-20 07:49:43

标签: node.js outlook oauth-2.0 openid-connect

成功登录后,microsoft提供了这些令牌对象

哪个令牌包含用户详细信息以及如何获取

{ token_type: 'Bearer',
  scope: 'https://outlook.office.com/Calendars.Read',
  expires_in: 3600,
  ext_expires_in: 0,
  access_token: 'EwAYA+l3BAAUWm1xSeJRIJK6txKjBez4GzapzqMAAYFVBgaTrs3ZosM0HnTxd3nZSpyA9h212p05Es5F4O/qr0XX7jhQ3jfJf0Ww
Ffl54ct01Np+4u+ldfxSPswK+6J6PamfZffkWDO72BRyd054NG5lM7cY8qQvuzSn3a9TUD1fw6P+jEO6B4pa7AgS9RfSAtTIXKyo98+r/Hog+uhjntHSc
X8waNI9MLaBpT36YerwbHnaQirB7zPvL9Fi0ghf0dPtbDfypYNO3STiP9rho8iwx3DwKRN0bgpq/7RV5+6NURqRCnAUJ7QOK7PUuDjx06EF+/BuagmNZw
tCgfcEKWb5ckfLI6BRw/adNKSy0olWNX7rWFUQ0Hiq7gVcpakDZgAACLL1KiAs58qo6AGeGvuV7Ur6tNDXPlpQlkqthOFYsdRvv+F2ycohaM86eYh++Xj
gdB4rQM/eI7/BFsVZ+bBJFY9BaIdPhkZC8VJNgmkXRtOqYI8PE35x1bcDSRXOfv9wO0PPmUn3eq3ptze9WnMaLR2oq0JLxl9/N9CUU2Vlvc8SX4mU7wZ5
8QDtXHNOElBtkVl98gvd4dmsUSQLmfKErAEanpPdWFKu4i1LFiMUG2rA5yaP3UuTjOxnjynSk7ltGblsTG85YQFR4yCBJYIIFe5PRyFJv1ey4dZvFuVmS
VqBTw9W9I78la5n+fKyAZAWvZJB54gJrSfgtnS/j2nMoRvvwtozVjoKVhF1J4ye/6MUVareo1jp+4G+MxBpltzgxGsDIoajcS/yUD2QxVNKY0pLYdaTIP
FBALCeXCOEqET8ulb36YdSjFWH4eIxsY0u1TjRN+mIezOpxywqz13FmqT9gZctM1Am87O+5RSuU/M5VEzeVkyGgIC9P9JRiTCT2o7hcWSb5lv+Hvs5ojF
1mgZIIDwqmBxBFwyiB/QFaJIaFTwSk7aKolUy5Jp4C7yeib60CYtKMddyWTpw+cFeZHZhkWVFqV5GR3RVVHXMjfATSUdmbdO9qnJsIPqCPF1MJrII5ZId
EEGPi1xyye0pqjSJ6RoC',
  refresh_token: 'MCYeZJGPBGuzpTTCZtD5rd*!ka96mfkBTiNfQOS1h41TA8PZ2*81snoU!FBIja8jW5bDRSngAyRiquz1SOLqJDSJz1SikdLA9gj
0knhfgMblCgcHq4uTCOavwMLFBKR1mCOYOQcRoVrul6rHl1IKVFD61dGXRWqqvvieS4fMN*8EfLzDJW6i09wjDFacV!q*qdU0IEG61yUk9RcrYQUx11CI
dLTWGhuo476TuzA!5IJIHLPY661r0Y8*KgIR0!ugRqtmZari5jqbBt252lABJKYtOxQrYHA23dz5ukIOpAu4oJMkIgu2xMAxpZSUS6rylNAnKYV42RWAs
g!7Rzo2LVye1Kj6Pqa*7rz9urHpIa8zTeLRE8gWs!q2x2j1MtMNOMGdBWG8KN!AVl6P2T9Nq69rBvIC3dFtHqqmCJbxgkIVq1w153RNWv3V9QLT4H2U6J
w$$',
  id_token: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjFMVE16YWtpaGlSbGFfOHoyQkVKVlhlV01xbyJ9.eyJ2ZXIiOiIyLjAiLCJ
pc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vOTE4ODA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkL3YyLjAiLCJzdWIi
OiJBQUFBQUFBQUFBQUFBQUFBQUFBQUFQMXEtSzhiVXRjaGhJdzE1aTdjU2VVIiwiYXVkIjoiOWUwN2U3N2ItMzdlYi00MGQ0LTg3NTctNTYzMTY3OTU0M
Dg0IiwiZXhwIjoxNDg3NjYyOTQ5LCJpYXQiOjE0ODc1NzYyNDksInRpZCI6IjkxODgwNDBkLTZjNjctNGM1Yi1iMTEyLTM2YTMwNGI2NmRhZCJ9.d6ApS
kc0v74n4gTyy4v8Vo1aMokKnMuAaFpy71jHawvTNbFMeU_Fq0jtbjKYuzujIZV9jIGBjSlADcgIg2mQHhqvKWAPzoEUbxhnin4GN0XM9_XMCjQG6yBkhB
tJ8nk6mmqhfr-OvHGoFXOgLeFbkf0i8TJYuMmtnzUeDQQnOtihFQCJvy4agh2aiKG5IZaOR87I2DQ1is-6m3hFexKLLKwxDMjRmIHAaAm8uXrxGLGABJm
EJCybmF2jorhzmZ_qbmBVJXSy1DESgYf5CW9owwKnJA2taQQ3Hd472qHQ0Xay9XXSJMn94HwiK07DWQXIjP3F0nhND1o2R_61Rgju6g',
  expires_at: 2017-02-20T08:42:30.061Z }

解码id_token 它给出了

{ ver: '2.0',
  iss: 'https://login.microsoftonline.com/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0',
  sub: 'AAAAAAAAAAAAAAAAAAAAAP1q-K8bUtchhIw15i7cSeU',
  aud: '9e07e77b-37eb-40d4-8757-563167954084',
  exp: 1487664645,
  iat: 1487577945,
  tid: '9188040d-6c67-4c5b-b112-36a304b66dad' }

但它不提供用户详细信息

或者我已经拿了一些id并且调用microsoft api来获取数据

1 个答案:

答案 0 :(得分:1)

Id令牌是唯一可以为您提供有关用户信息的令牌。 它至少包含用户唯一ID:sub声明。

ID令牌可能包含其他信息,例如地址,电话,电子邮件等,但取决于身份提供商政策

一般而言,根据OpenID Connect specification section 5.4,可以使用以下范围检索信息。

  • profile:提供用户名,性别,生日...
  • email:电子邮件
  • address:地址
  • phone:电话号码

我不知道有关这些范围的Microsoft政策。即使它们包含在您的授权请求中,也可能未在ID令牌中设置附加信息

相关问题
最新问题