微软的广告b2c问题:政策缺失
我做了一个聊天机器人,我想授权用户使用OIDCStrategy使用Azure广告b2c。 在控制台中, authentication failed due to: In collectInfoFromReq: policy is missing ,它始终loggingauthentication failed due to: In collectInfoFromReq: policy is missing 。 该政策已在Azure中设置。 而且我找不到在代码中声明策略的地方。 这是我的服务器:
server.get('/login', passport.authenticate('azuread-openidconnect', { failureRedirect:'/fail' }), function(req,res,next){ console.log('Login was called'); res.redirect('/',next); } ) server.post('/api/auth', passport.authenticate('azuread-openidconnect'));
并连接到azure色广告b2c:
passport.use(new OIDCStrategy({ redirectUrl:'http://localhost:3978/api/auth', allowHttpForRedirectUrl:true, clientID:'5fe844d7-e4d1-4c4c-ba70-078297b00abc', clientSecret:'?aTvTEbwcNfUF2,^', identityMetadata: 'https://login.microsoftonline.com/nuffieldbot.onmicrosoft.com/v2.0/.well-known/openid-configuration', skipUserProfile: true, responseType: 'code', responseMode: 'form_post', isB2C:true, scope:['email','profile','offline_access','https://outlook.office.com/mail/read'], loggingLevel:'info', tenantName:'nuffieldbot.onmicrosoft.com', passReqToCallback:true },function(req, iss, sub, profile, accessToken, refreshToken, done){ log.info('Example:Email address we received was:', profile.email); process.nextTick(function(){ findByEmail(profile.email,function(err,user){ if (err) { return done(err); } if (!user){ users.push(profile); return done(null, profile); } return done(null, user); }) }) } ));
我在哪里可以在我的代码中声明这个策略?
对于B2C,我们必须有策略,如果你没有在请求的查询string中设置策略名,就会抛出错误: In collectInfoFromReq: policy is missing 。 请参考oidcstrategy.js的源代码 :
// for B2C, we must have policy if (self._options.isB2C && !params.policy) return next(new Error('In collectInfoFromReq: policy is missing'));
您必须在请求中设置策略:
<a href="/login/?p=B2C_1_sign">Sign In</a>
您也可以参考代码示例: Azure Active Directory OIDC Web示例