我一定错过了一些非常明显的东西。
我一直在尝试信任/遵循有关此文档的官方文档,但我注意到我实际上并没有使用我在任何地方定义的整个“承载策略”。如果我尝试用 BearerStrategy 替换 oauth-bearer,我会得到完全相同的结果。
设置:
const passport = require('passport');
const BearerStrategy = require('passport-azure-ad').BearerStrategy
index.js 中的端点:
app.use("/andon", passport.authenticate('oauth-bearer', { session: false }), andon);
来自文档文件的配置:
let options = {
identityMetadata: appconfig.get("creds.identityMetadata"),
clientID: appconfig.get("creds.clientID"),
passReqToCallback: appconfig.get("creds.passReqToCallback")
}
let bearerStrategy = new BearerStrategy(options,
function(token, done) {
log.info('verifying the user');
log.info(token, 'was the token retreived');
findById(token.oid, function(err, user) {
if (err) {
return done(err);
}
if (!user) {
// "Auto-registration"
log.info('User was added automatically as they were new. Their oid is: ', token.oid);
users.push(token);
owner = token.oid;
return done(null, token);
}
owner = token.oid;
return done(null, user, token);
});
}
);