使用Passport和passport-azure-ad时没有刷新令牌
[英]No refresh token when using Passport and passport-azure-ad
问题描述
I'm attempting to use Passport to connect to Office365. 
我正在尝试使用Passport连接到Office365。 I up getting the auth prompt and the access token is returned. 我收到auth提示符并返回访问令牌。 The issue is that the refresh token is undefined. 问题是刷新令牌未定义。
My Setup 我的设置
// In app.js
const creds = {
redirectUrl: 'http://localhost:3000/token',
clientID: '<myClientId>',
clientSecret: '<mySecret>',
identityMetadata: 'https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration',
allowHttpForRedirectUrl: true, // For development only
accessType: 'offline',
responseType: 'code',
validateIssuer: false, // For development only
responseMode: 'query',
scope: [
'Contacts.Read',
...
]
};
const callback = (iss, sub, profile, accessToken, refreshToken, done) => {
console.log('Refresh Token: ', refreshToken); // this is undefined
done(null, {
profile,
accessToken,
refreshToken
});
};
passport.use(new OIDCStrategy(creds, callback));
// When I authenticate
const passportSettings = {
accessType: 'offline',
approvalPrompt: 'consent'
};
// Authentication request.
router.get('/login', (req, res, next) => {
passport.authenticate('azuread-openidconnect', passportSettings, (err, user, info) => {
// Do stuff.
});
});
Things I've tried: 我试过的事情:
- Un-authorizing the app for the user I signed up with. 取消为我注册的用户授权应用。
- Moving the location of the
accessTypesetting.移动accessType设置的位置。
I'm really at a loss as to why this doesn't work. 我真的不知道为什么这不起作用。 With the Google strategy just setting the type of 'offline' seems to be enough. 使用Google策略只需设置“离线”类型就足够了。
1 个解决方案
解决方案1
1 已采纳 2017-06-18 20:24:18
It looks like you need to add the offline_access scope to the app registration as well as the config. 看起来您需要将offline_access范围添加到应用程序注册以及配置中。 See https://github.com/AzureAD/passport-azure-ad/issues/322 . 请参阅https://github.com/AzureAD/passport-azure-ad/issues/322 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.