[英]Creating users in tenant using Microsoft Office 365 API and link it to chrome Id
I manually created a user in Azure active directory for my project and I am able to get the users. 我在Azure活动目录中为我的项目手动创建了一个用户,并且能够获取用户。 I made a chrome extension and GCM provides me a ID which I want to be linked with the microsoft account. 我做了一个chrome扩展程序,GCM为我提供了一个我想与Microsoft帐户关联的ID。
So for each user, I want a GCM id (got this part) and an Azure AD Id linked together. 因此,对于每个用户,我希望将GCM ID(获得此部分)和Azure AD ID链接在一起。
I was doing the following: 我正在执行以下操作:
router.route('/users')
// create a user accessed at POST http://localhost:8080/api/users)
.post(function(req, res) {
// Get an access token for the app.
auth.getAccessToken().then(function (token) {
console.log(token)
var user = new User({
officeId: token,
name : req.body.name,
email :req.body.email,
chromeId : req.body.chromeId
});
user.save(function(err) {
if (err)
res.send(err);
res.json({ message: 'User created!' });
});
});
});
However, what this does is take the auth token id, chromeId, name and email and just adds it to my mongoose database. 但是,此操作需要使用auth令牌ID,chromeId,名称和电子邮件,并将其添加到我的猫鼬数据库中。
What can I do differently in order to get what I want to achieve? 为了获得想要实现的目标,我可以做些什么? My teammate says what I am doing is correct but I checked the Azure AD and I don't see my user authorized there. 我的队友说我正在做的事是正确的,但是我检查了Azure AD,但没有看到我的用户被授权。
Btw, in the front-end, I ask a user to give their microsoft email and name. 顺便说一句,在前端,我请用户提供他们的Microsoft电子邮件和名称。
Also, I merged my code with the code found here https://github.com/OfficeDev/O365-Nodejs-Microsoft-Graph-App-only 另外,我将代码与此处找到的代码合并在一起https://github.com/OfficeDev/O365-Nodejs-Microsoft-Graph-App-only
// @name getAccessToken
// @desc Makes a request for a token using client credentials.
auth.getAccessToken = function () {
var deferred = Q.defer();
// These are the parameters necessary for the OAuth 2.0 Client Credentials Grant Flow.
// For more information, see Service to Service Calls Using Client Credentials (https://msdn.microsoft.com/library/azure/dn645543.aspx).
var requestParams = {
'grant_type': 'client_credentials',
'client_id': config.clientId,
'client_secret': config.clientSecret,
'resource': 'https://graph.microsoft.com'
};
// Make a request to the token issuing endpoint.
request.post({url: config.tokenEndpoint, form: requestParams}, function (err, response, body) {
var parsedBody = JSON.parse(body);
if (err) {
deferred.reject(err);
} else if (parsedBody.error) {
deferred.reject(parsedBody.error_description);
} else {
// If successful, return the access token.
deferred.resolve(parsedBody.access_token);
}
});
return deferred.promise;
};
If you want to create use in your AAD, you can leverage the Microsoft Graph API: Create User
, which is not implemented in your code or the graph.js
code at github repository. 如果要在AAD中创建用途,则可以利用Microsoft Graph API: Create User
,该代码未在您的代码或github存储库中的graph.js
代码中实现。
You need to implement the function yourself like: 您需要自己实现以下功能:
Additionally, it seems that we have to generate the access token in Authorization Code Grant Flow to complete the operation. 另外,似乎我们必须在授权码授予流程中生成访问令牌才能完成操作。 As in my test, I got the Authorization_RequestDenied
error when I use the app-only flow access token to authorize the operation, and the graph server returned me the message: 就像在测试中一样,当我使用仅应用程序的流访问令牌来授权操作时,出现了Authorization_RequestDenied
错误,并且图形服务器向我返回了以下消息:
"message": "Insufficient privileges to complete the operation." “ message”:“权限不足,无法完成操作。”
you can refer to https://github.com/OfficeDev/O365-Nodejs-Microsoft-Graph-Connect/ for the sample. 您可以参考https://github.com/OfficeDev/O365-Nodejs-Microsoft-Graph-Connect/获取示例。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.