I'm attempting to use Passport to connect to Office365. I end up getting the auth prompt and the access token is returned. The issue is that the refresh token is undefined.
My Setup
    // In app.js
    const passport = require('passport');
    const { OIDCStrategy } = require('passport-azure-ad');
    const router = require('express').Router();

    const creds = {
      redirectUrl: 'http://localhost:3000/token',
      clientID: '<myClientId>',
      clientSecret: '<mySecret>',
      identityMetadata: 'https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration',
      allowHttpForRedirectUrl: true, // For development only
      accessType: 'offline',
      responseType: 'code',
      validateIssuer: false, // For development only
      responseMode: 'query',
      scope: [
        'Contacts.Read',
        ...
      ]
    };

    // Verify callback: receives the tokens obtained for the signed-in user.
    const callback = (iss, sub, profile, accessToken, refreshToken, done) => {
      console.log('Refresh Token: ', refreshToken); // this is undefined
      done(null, {
        profile,
        accessToken,
        refreshToken
      });
    };

    passport.use(new OIDCStrategy(creds, callback));

    // When I authenticate
    const passportSettings = {
      accessType: 'offline',
      approvalPrompt: 'consent'
    };

    // Authentication request.
    router.get('/login', (req, res, next) => {
      // With a custom callback, the middleware returned by authenticate() must be invoked.
      passport.authenticate('azuread-openidconnect', passportSettings, (err, user, info) => {
        // Do stuff.
      })(req, res, next);
    });
Things I've tried:
accessType setting.
I'm really at a loss as to why this doesn't work. With the Google strategy, just setting the type of 'offline' seems to be enough.
It looks like you need to add the offline_access scope to the app registration as well as the config. See https://github.com/AzureAD/passport-azure-ad/issues/322.
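
A config-side check for the fix described in the answer, as an added example that is not part of the original post or of passport-azure-ad: `auditOidcOptions` and `keysAt` are hypothetical helpers, and the sample config is constructed from the question's settings. It covers only the strategy options; the app registration has to be checked separately.

```javascript
'use strict';

// Audit an OIDCStrategy-style options object (hypothetical helper, not part of
// passport-azure-ad) for settings that decide whether a refresh token is issued.
function auditOidcOptions(opts) {
  const findings = [];
  const add = (level, key, msg) => findings.push({ level, key, msg });
  const words = (v) => (Array.isArray(v) ? v : String(v || '').split(/\s+/)).filter(Boolean);

  // The v2.0 endpoint returns a refresh token only when offline_access is requested.
  if (!words(opts.scope).includes('offline_access')) {
    add('error', 'scope', "missing 'offline_access': no refresh token will be issued");
  }
  // Refresh tokens come from redeeming an authorization code at the token endpoint.
  if (!words(opts.responseType).includes('code')) {
    add('error', 'responseType', "must include 'code' to redeem tokens server-side");
  }
  // access_type / approval_prompt are Google OAuth parameters, not Microsoft ones.
  for (const key of ['accessType', 'approvalPrompt']) {
    if (key in opts) add('info', key, 'Google-specific option; use the offline_access scope instead');
  }
  // Development-only relaxations: flag them so they do not reach production.
  if (opts.allowHttpForRedirectUrl === true) {
    add('warn', 'allowHttpForRedirectUrl', 'authorization code travels over plain HTTP');
  }
  if (opts.validateIssuer === false) {
    add('warn', 'validateIssuer', 'issuer of the id_token is not checked');
  }
  return findings;
}

const keysAt = (opts, level) =>
  auditOidcOptions(opts).filter((f) => f.level === level).map((f) => f.key);

// Constructed sample mirroring the question's settings (placeholders, no real secrets).
const questionConfig = {
  redirectUrl: 'http://localhost:3000/token',
  allowHttpForRedirectUrl: true,
  accessType: 'offline',
  responseType: 'code',
  validateIssuer: false,
  scope: ['Contacts.Read'],
};
const fixedConfig = { ...questionConfig, scope: [...questionConfig.scope, 'offline_access'] };

for (const [name, cfg] of Object.entries({ questionConfig, fixedConfig })) {
  console.log(name, auditOidcOptions(cfg).map((f) => `${f.level}:${f.key}`).join(', '));
}
```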