我正在使用https://github.com/AzureAD/passport-azure-ad插件与Azure AD Graph API配合使用。
package.json中的依赖项
"passport-azure-ad": "^3.0.12"
我引用了此处提供的示例:https://github.com/AzureADQuickStarts/WebApp-OpenIDConnect-NodeJS
我能够做auth并得到access_token和refresh_token。但是最后一个参数是
TypeError: done is not a function
我的代码是使用Typescript我的策略代码编写的:
passport.use( new OIDCStrategy( {
identityMetadata: "https://login.microsoftonline.com/" + tenantName + "/v2.0/.well-known/openid-configuration",
clientID: clientID,
responseType: app_properties.responseType,
responseMode: app_properties.responseMode,
redirectUrl: app_properties.redirectUrl,
allowHttpForRedirectUrl: app_properties.allowHttpForRedirectUrl,
clientSecret: clientSecret,
validateIssuer: app_properties.validateIssuer,
isB2C: app_properties.isB2C,
issuer: app_properties.issuer,
passReqToCallback: app_properties.passReqToCallback,
scope: app_properties.scope,
loggingLevel: app_properties.loggingLevel,
nonceLifetime: app_properties.nonceLifetime,
nonceMaxAmount: app_properties.nonceMaxAmount,
useCookieInsteadOfSession: app_properties.useCookieInsteadOfSession,
cookieEncryptionKeys: app_properties.cookieEncryptionKeys,
clockSkew: app_properties.clockSkew
},
function ( iss: any, sub: any, profile: any, accessToken: any, refreshToken: any, done: any ) {
if ( iss ) {
console.log( 'iss' + JSON.stringify( iss ) );
}
if ( sub ) {
console.log( 'sub' + JSON.stringify( sub ) );
}
if ( accessToken ) {
console.log( 'Received accessToken ' + accessToken );
}
if ( refreshToken ) {
console.log( 'Received refreshToken ' + refreshToken );
}
if ( !profile.oid ) {
console.log( 'Received accessToken ' + accessToken );
return done( new Error( "No oid found" ), null );
}
if ( profile ) {
console.log( 'profile' + JSON.stringify( profile ) );
}
return done(null, profile);
} ) );
此外,根据文档,自定义状态参数不会保留状态字符串
customState: if you want to use a custom state value instead of a randomly generated one
为什么done不起作用?另外,如何维护状态?
下面是我的应用服务器中的重定向URL调用终结点函数
export function authAzureAd( req: Request, res: Response, next: any ) {
passport.authenticate( 'azuread-openidconnect' , function ( err: any, user: any, info: any ) {
if ( err ) {
return next( err );
}
if ( !user ) {
return res.send( { success: false, message: 'authentication failed' } );
}
console.info( 'user: ' + JSON.stringify( user ) );
return res.send( { success: true, message: 'authentication succeeded' } );
} )( req, res, next );
} catch ( err ) {
console.info( err );
res.status( 500 ).send( { message: err.message } );
}
}
Auth Callback POST API端点函数调用如下:
export function authCallback(req: Request, res: Response, next: any) {
console.info('In the AzureAD callback, next = '+next);
if (next == null) { // If we want something else to happen here, we can do it
next = () => {};
}
try {
passport.authenticate('azuread-openidconnect', { failureRedirect: '/login', customState: 'my_state', successRedirect: '/dashboard' })(req, res, next)
} catch (err) {
console.info(err);
res.status(500).send({ message: err.message });
}
}
更新
1]关于TypeError: done is not a function我更新了package.json以使其具有"passport-azure-ad": "4.0.0"而不是"passport-azure-ad": "^3.0.12"的依赖关系,然后done开始使用process.nextTick()中的定义the documentation.
2]关于customState,我在req.body.state而不是req.query.state中得到了状态参数。 See this question.使用azure-ad进行身份验证回调的原因恰好是HTTP POST,而不是其他OAuth流中的HTTP GET。因此,状态是身体的一部分。
答案 0 :(得分:0)
更新
1]关于TypeError: done is not a function我更新了package.json以使其具有"passport-azure-ad": "4.0.0"而不是"passport-azure-ad": "^3.0.12"的依赖关系,然后done开始使用process.nextTick()中的定义the documentation.
2]关于customState,我在req.body.state而不是req.query.state中得到了状态参数。 See this question.使用azure-ad进行身份验证回调的原因恰好是HTTP POST,而不是其他OAuth流中的HTTP GET。因此,状态是身体的一部分。