3

我正在尝试按照此处的 Office 365 Graph API 教程进行操作。

但是,我登录后一直遇到以下错误。

Error: Failed to serialize user into session
    at pass (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\authenticator.js:271:19)
    at serialized (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\authenticator.js:276:7)
    at passport.serializeUser (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\app.js:20:3)
    at pass (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\authenticator.js:284:9)
    at Authenticator.serializeUser (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\authenticator.js:289:5)
    at IncomingMessage.req.login.req.logIn (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\http\request.js:50:29)
    at Strategy.strategy.success (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\middleware\authenticate.js:235:13)
    at verified (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport-azure-ad\lib\oidcstrategy.js:98:21)
    at Strategy.signInComplete [as _verify] (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\app.js:63:10)
    at process._tickCallback (internal/process/next_tick.js:68:7)

serializeUser方法如下所示:

//Configure passport
//In-memory storage of users 
let users = {};
//Call serializeUser and deserializeUser to manage users
passport.serializeUser((user, done) => {
  //Use the OID prop of the user as the key
  users[user.profile.oid] = user;
  done(null, user.profile.oid);
}); 

passport.deserializeUser((id, done) => {
  done(null, users[id]);
});

问题可能是 user.profile.oid 似乎在 serializeUser 的回调函数中未定义(也尝试用普通函数替换箭头函数,但也没有用)。

但是oid在登录期间正在设置它,当我跟踪下面代码中的值时我可以看到它。

//Callback when the sign-in is complete and an access token has been obtained
async function signInComplete(iss, sub, profile, accessToken, refreshToken, params, done) {
  console.log('iss profile oid -->' + profile.oid);
  if (!profile.oid) {
    return done(new Error("No OID found in user profile."), null);
  }

  try {
    const user = await graph.getUserDetails(accessToken);

    if (user) {
      //Add properties to profile
      profile['email'] = user.mail ? user.mail : user.userPrincipalName;
    }
  } catch(err) {
    done(err, null);
  } 

  //Create simple oauth token from raw tokens
  let oauthToken = oauth2.accessToken.create(params);

  //Save the profile and token in users storage
  users[profile.oid] = {profile: oauthToken};
  return done(null, users[profile.oid]); 
}

这是对 OIDCStratergy 的呼吁。

//Configure OIDC stratergy
passport.use(new OIDCStaregy(
  {
    identityMetadata: `${process.env.OAUTH_AUTHORITY}${process.env.OAUTH_ID_METADATA}`,
    clientID: process.env.OAUTH_APP_ID,
    responseType: 'code id_token',
    responseMode: 'form_post',
    redirectUrl: process.env.OAUTH_REDIRECT_URI,
    allowHttpForRedirectUrl: true,
    clientSecret: process.env.OAUTH_APP_PASSWORD,
    validateIssuer: false,
    passReqToCallback:  false,
    scope: process.env.OAUTH_SCOPES.split(' ')
  },
  signInComplete
));

所以问题是这里的问题是未定义的 users.profile.oid 吗?如果是这样,它在哪里以及为什么会丢失?

4

0 回答 0