我正在尝试按照此处的 Office 365 Graph API 教程进行操作。
但是,我登录后一直遇到以下错误。
Error: Failed to serialize user into session
at pass (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\authenticator.js:271:19)
at serialized (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\authenticator.js:276:7)
at passport.serializeUser (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\app.js:20:3)
at pass (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\authenticator.js:284:9)
at Authenticator.serializeUser (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\authenticator.js:289:5)
at IncomingMessage.req.login.req.logIn (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\http\request.js:50:29)
at Strategy.strategy.success (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport\lib\middleware\authenticate.js:235:13)
at verified (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\node_modules\passport-azure-ad\lib\oidcstrategy.js:98:21)
at Strategy.signInComplete [as _verify] (C:\Users\SODS\devzone\src\nodejs\o365-graph\graph-tutorial\app.js:63:10)
at process._tickCallback (internal/process/next_tick.js:68:7)
该serializeUser
方法如下所示:
//Configure passport
//In-memory storage of users
let users = {};
//Call serializeUser and deserializeUser to manage users
passport.serializeUser((user, done) => {
//Use the OID prop of the user as the key
users[user.profile.oid] = user;
done(null, user.profile.oid);
});
passport.deserializeUser((id, done) => {
done(null, users[id]);
});
问题可能是 user.profile.oid 似乎在 serializeUser 的回调函数中未定义(也尝试用普通函数替换箭头函数,但也没有用)。
但是oid
在登录期间正在设置它,当我跟踪下面代码中的值时我可以看到它。
//Callback when the sign-in is complete and an access token has been obtained
async function signInComplete(iss, sub, profile, accessToken, refreshToken, params, done) {
console.log('iss profile oid -->' + profile.oid);
if (!profile.oid) {
return done(new Error("No OID found in user profile."), null);
}
try {
const user = await graph.getUserDetails(accessToken);
if (user) {
//Add properties to profile
profile['email'] = user.mail ? user.mail : user.userPrincipalName;
}
} catch(err) {
done(err, null);
}
//Create simple oauth token from raw tokens
let oauthToken = oauth2.accessToken.create(params);
//Save the profile and token in users storage
users[profile.oid] = {profile: oauthToken};
return done(null, users[profile.oid]);
}
这是对 OIDCStratergy 的呼吁。
//Configure OIDC stratergy
passport.use(new OIDCStaregy(
{
identityMetadata: `${process.env.OAUTH_AUTHORITY}${process.env.OAUTH_ID_METADATA}`,
clientID: process.env.OAUTH_APP_ID,
responseType: 'code id_token',
responseMode: 'form_post',
redirectUrl: process.env.OAUTH_REDIRECT_URI,
allowHttpForRedirectUrl: true,
clientSecret: process.env.OAUTH_APP_PASSWORD,
validateIssuer: false,
passReqToCallback: false,
scope: process.env.OAUTH_SCOPES.split(' ')
},
signInComplete
));
所以问题是这里的问题是未定义的 users.profile.oid 吗?如果是这样,它在哪里以及为什么会丢失?