I am new to Node.js and I want to authenticate using Azure Active Directory. I followed the steps mentioned here, downloaded Node and installed the npm packages:
npm install express
npm install ejs
npm install ejs-locals
npm install restify
npm install mongoose
npm install bunyan
npm install assert-plus
npm install passport
npm install passport-azure-ad
After that, following the documentation, I did Step 3: Set up your app to use the passport-node-js strategy.
This is config.js:
exports.creds = {
returnURL: 'https://hpe.onmicrosoft.com/8d332647-xxxx-4xxc-8xx-11776XXXXX',
identityMetadata: 'https://login.microsoftonline.com', // For using Microsoft you should never need to change this.
clientID: '22XXXX9-b5fa-XXXXb-bc7a-XXXXXXXa92a',
clientSecret: 'Srekv8dM1NqP4Sqnxxxxxxxxxxxx', // if you are doing code or id_token code
skipUserProfile: true, // for AzureAD should be set to true.
responseType: 'id_token code', // for login only flows use id_token. For accessing resources use `id_token code`
responseMode: 'query', // For login only flows we should have token passed back to us in a POST
//scope: ['email', 'profile'] // additional scopes you may wish to pass
};
The rest of the code is as given in the documentation.
But when I run app.js I run into a problem:
C:\Nikunj Data\Project\Active Directory\WebApp-OpenIDConnect-NodeJS-skeleton\node_modules\passport-azure-ad\lib\validator.js:51
throw new TypeError(`Invalid value for ${item}.${checker.error}`);
^
TypeError: Invalid value for redirectUrl.The URL must be valid and be https://
at Object.keys.forEach (C:\Nikunj Data\Project\Active Directory\WebApp-OpenIDConnect-NodeJS-skeleton\node_modules\passport-azure-ad\lib\validator.js:51:13)
at Array.forEach (native)
at Validator.validate (C:\Nikunj Data\Project\Active Directory\WebApp-OpenIDConnect-NodeJS-skeleton\node_modules\passport-azure-ad\lib\validator.js:37:28)
at new Strategy (C:\Nikunj Data\Project\Active Directory\WebApp-OpenIDConnect-NodeJS-skeleton\node_modules\passport-azure-ad\lib\oidcstrategy.js:495:13)
at Object.<anonymous> (C:\Nikunj Data\Project\Active Directory\WebApp-OpenIDConnect-NodeJS-skeleton\app.js:42:14)
at Module._compile (module.js:569:30)
at Object.Module._extensions..js (module.js:580:10)
at Module.load (module.js:503:32)
at tryModuleLoad (module.js:466:12)
at Function.Module._load (module.js:458:3)
Please help me.
Regards, Nikunj
Attempt 1: I tried the code Nan Yu suggested and I got this error:
(node:2628) DeprecationWarning: `open()` is deprecated in mongoose >= 4.11.0, use `openUri()` instead, or set the `useMongoClient` option if using `connect()` or `createConnection()`. See http://mongoosejs.com/docs/connections.html#use-mongo-client
events.js:182
throw er; // Unhandled 'error' event
^
MongoError: failed to connect to server [localhost:27017] on first connect [MongoError: connect ECONNREFUSED 127.0.0.1:27017]
at Pool.<anonymous> (C:\Nikunj Data\Project\Active Directory\WebApp-OpenIDConnect-NodeJS-master\node_modules\mongodb\node_modules\mongodb-core\lib\topologies\server.js:329:35)
at emitOne (events.js:115:13)
at Pool.emit (events.js:210:7)
at Connection.<anonymous> (C:\Nikunj Data\Project\Active Directory\WebApp-OpenIDConnect-NodeJS-master\node_modules\mongodb\node_modules\mongodb-core\lib\connection\pool.js:280:12)
at Object.onceWrapper (events.js:318:30)
at emitTwo (events.js:125:13)
at Connection.emit (events.js:213:7)
at Socket.<anonymous> (C:\Nikunj Data\Project\Active Directory\WebApp-OpenIDConnect-NodeJS-master\node_modules\mongodb\node_modules\mongodb-core\lib\connection\connection.js:187:49)
at Object.onceWrapper (events.js:316:30)
at emitOne (events.js:115:13)
at Socket.emit (events.js:210:7)
at emitErrorNT (internal/streams/destroy.js:62:8)
at _combinedTickCallback (internal/process/next_tick.js:102:11)
at process._tickCallback (internal/process/next_tick.js:161:9)
Answer 0 (score: 3)
See the code sample: Azure Active Directory OIDC Web Sample
The redirect URL should match the reply URL registered for your app in AAD. In that file, it is http://localhost:3000/auth/openid/return
Update
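To get the code sample https://github.com/AzureADQuickStarts/WebApp-OpenIDConnect-NodeJS working, follow these steps:
Sign in to the Azure portal.
On the top bar, click your account and, under the Directory list, choose the Active Directory tenant where you wish to register your application.
Click More Services in the left-hand navigation bar and choose Azure Active Directory.
Click App registrations, then select Add.
Enter a friendly name for the application, for example "WebApp-OpenIDConnect-nodejs", and select "Web Application and/or Web API" as the application type. For the sign-on URL, enter the base URL of the sample, which is by default http://localhost:3000/. Click Create to create the application.
In the Azure portal, select your application, click Settings and select Reply URLs. Add the reply URL http://localhost:3000/auth/openid/return, then click the Save button.
Find the Application ID value and copy it to the clipboard. Open the config.js file in the code sample and replace clientID with the Application ID value.
Set identityMetadata using your domain name or tenant GUID.
In the Azure portal, select your application, click Settings and select Keys. Add an application key and copy it into clientSecret in config.js.
If you want to use the MongoDB session store for the session middleware, set useMongoDBSessionStore to true and update exports.databaseUri with the correct database URL; otherwise set useMongoDBSessionStore to false to use the default session store.
Run the app. Use the following command in a terminal: node app.js
Open a browser, enter http://localhost:3000 and try your app.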
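The answer's rule that the redirect URL must match a registered reply URL can be checked before the app starts. The following is an added example, not part of the original answer or of the sample's code: checkRedirectConfig is a hypothetical helper, and exact string matching plus http only on a loopback host are assumptions of this sketch.

```javascript
// Added example: pre-flight check of the redirect URL setting in config.js.
// checkRedirectConfig is hypothetical; it is not part of passport-azure-ad.
const LOOPBACK_HOSTS = new Set(['localhost', '127.0.0.1']);

function checkRedirectConfig(creds, registeredReplyUrls) {
  const problems = [];
  const value = creds.redirectUrl;
  if (value === undefined) {
    // The stack trace names `redirectUrl`; report look-alike keys that are set instead.
    const near = Object.keys(creds).filter((k) => /^(return|redirect)ur[li]$/i.test(k));
    const hint = near.length ? ` (found ${near.join(', ')} instead)` : '';
    problems.push(`redirectUrl is not set${hint}`);
    return problems;
  }
  let url;
  try {
    url = new URL(value);
  } catch (err) {
    problems.push(`redirectUrl is not a valid URL: ${value}`);
    return problems;
  }
  if (url.protocol === 'http:') {
    // Assumption: plain http is tolerated only for local development hosts.
    if (!LOOPBACK_HOSTS.has(url.hostname)) {
      problems.push('plain http is only acceptable for a loopback host');
    }
  } else if (url.protocol !== 'https:') {
    problems.push(`unsupported scheme ${url.protocol}`);
  }
  // Assumption: compare as exact strings, so a trailing slash or a
  // different path counts as a mismatch.
  if (!registeredReplyUrls.includes(value)) {
    problems.push('redirectUrl does not match any registered reply URL');
  }
  return problems;
}

// Constructed inputs: the reply URL from the answer, and a config that uses
// the question's key name (returnURL) with a placeholder value.
const REGISTERED = ['http://localhost:3000/auth/openid/return'];

function demo() {
  return {
    misnamedKey: checkRedirectConfig({ returnURL: 'https://app.example/return' }, REGISTERED),
    matching: checkRedirectConfig({ redirectUrl: REGISTERED[0] }, REGISTERED),
    trailingSlash: checkRedirectConfig({ redirectUrl: REGISTERED[0] + '/' }, REGISTERED),
  };
}

console.log(demo());
```

An empty array means the setting passed every check; each string in a non-empty result names one thing to fix in config.js or in the app registration.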