使用通行证库访问Microsoft Graph API时，CompactToken解析失败，错误代码:80049217 [英] CompactToken parsing failed with error code: 80049217 when using passport library to access Microsoft Graph API

问题描述

我正在使用'passport-azure-ad-oauth2' npm模块来获取访问令牌，然后将其传递给MS Graph API.

I am using 'passport-azure-ad-oauth2' npm module, to get an access token, which I could then pass to the MS Graph API.

passport.use(new AzureAdOAuth2Strategy({
    clientID: process.env.OUTLOOK_CLIENT_ID,
    clientSecret: process.env.OUTLOOK_SECRET,
    callbackURL: '/auth/outlook/callback',
},
    function (accesstoken: any, refresh_token: any, params: any, profile, done) {
        logger.info('Completed azure sign in for : ' + JSON.stringify(profile));
        logger.info('Parameters returned: ' + JSON.stringify(params));
        const decodedIdToken: any = jwt.decode(params.id_token);
        logger.info('Outlook Access Token:' + accesstoken);
        logger.info('Decoded Token: ' + JSON.stringify(decodedIdToken, null, 2));

        process.env['OUTLOOK_ACCESS_TOKEN'] = accesstoken;
        // add new user with token or update user's token here, in the database

    }));

然后，使用'@ microsoft/microsoft-graph-client' npm模块，从Graph API获取日历事件，如下所示:

And then, using '@microsoft/microsoft-graph-client' npm module, to fetch Calendar events from the Graph API as follows:

try {
    const client = this.getAuthenticatedClient(process.env['OUTLOOK_ACCESS_TOKEN']);
    const resultSet = await client
                .api('users/' + userId + '/calendar/events')
                .select('subject,organizer,start,end')
                .get();
    logger.info(JSON.stringify(resultSet, null, 2));
} catch (err) {
    logger.error(err);
}

getAuthenticatedClient(accessToken) {
    logger.info('Using accestoken for initialising Graph Client: ' + accessToken);
    const client = Client.init({
        // Use the provided access token to authenticate requests
        authProvider: (done) => {
            done(null, accessToken);
        }
    });

    return client;
}

但是，使用成功登录时提供的accessToken，出现以下错误: CompactToken解析失败，错误代码:80049217

However, however, using the accessToken provided on Successful Login, I get the following error : CompactToken parsing failed with error code: 80049217

任何建议我在做什么不正确?

Any suggestions what am I doing incorrectly ???

更新: 这些是我正在使用的范围:'openid，profile，offline_access，calendars.read'

UPDATE : These are the scope I am using : 'openid,profile,offline_access,calendars.read'

更新: 稍微编辑一下范围后，现在出现以下错误:无效的受众群体.

UPDATE : After editing the scopes a bit, now I am getting the following error : Invalid Audience.

在解码在jwt.ms接收到的令牌时，这是'aud'的值:"00000002-0000-0000-c000-000000000000"

On decoding the token received at jwt.ms, this is the value for 'aud': "00000002-0000-0000-c000-000000000000"

passport-azure-ad-oauth2 是为MS Graph API检索令牌的错误库吗?

Is it the case that passport-azure-ad-oauth2 is the wrong library for retrieving tokens for MS Graph API ?

推荐答案

结果是有一个用于microsoft-graph api的护照库: passport-microsoft

Turns out there is a passport library for microsoft-graph api : passport-microsoft

我从该软件包中使用了MicrosoftStrategy，一切似乎都工作正常.

I used MicrosoftStrategy from that package and everything seems to be working fine.

passport-azure-ad-oauth2 用于旧的Azure AD Graph API，而 passport-microsoft 用于新的Microsoft Graph API

passport-azure-ad-oauth2 is for the old Azure AD Graph API, while passport-microsoft is for the new Microsoft Graph API

这篇关于使用通行证库访问Microsoft Graph API时，CompactToken解析失败，错误代码:80049217的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！