Comments (7)
Gotcha. I'm going to close this since there's no change needed. Thanks for reporting!
from msgraph-sample-nodeexpressapp.
You do not need to set these permissions explicitly on the app registration. The application requests them dynamically, by passing the scopes set in the .env file:
from msgraph-sample-nodeexpressapp.
Hm, that's weird. It didn't work before I set those permissions explicitly, it did work after...
from msgraph-sample-nodeexpressapp.
When you click Sign in, what's the URL that you're redirected to? Does it have the v2.0
segment in the URL? It should look like:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?redirect_uri=http%3a%2f%2flocalhost%3a3000%2ffoo%2fauth%2fcallback
&response_type=code+id_token&response_mode=form_post
&client_id=765e28cf-bfab-4c23-965f-411e56ee004b
&prompt=login
&state=0kP7qCr1K2TUd4IrNUHHpkb1seOTQkbA
&nonce=UWKaG_jBjQQopPY7N8WYkmgascAdEQtv
&scope=profile+offline_access+user.read+calendars.read+openid
&x-client-SKU=passport-azure-ad
&x-client-Ver=4.0.0
&sso_nonce=AQABAAAAAAAGV_bv21oQQ4ROqh0_1-tA1A9au4V4ZsIsLrUFnIVzvEVg0fSiDL1GW7KwZPQHe_wN335Iwrz6UHTLyzrg7-iyKlJdG7Gt-nvSb_uX_UH2giAA
&client-request-id=024a895a-5e7a-427c-baea-82757d1c4437
&mscrid=024a895a-5e7a-427c-baea-82757d1c4437
The important bit being the scope
parameter. By passing the list of scopes there, you dynamically request specific scopes.
from msgraph-sample-nodeexpressapp.
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fcallback
&response_type=code%20id_token
&response_mode=form_post
&client_id=<id>
&prompt=login
&state=4fkxtyv9eCVfPra7K8udur2ca9RfLQ5l
&nonce=QMJyNShmuupaqhYjFScqvi557XFxL8t5
&scope=profile%20offline_access%20user.read%20calendars.read%20openid
&x-client-SKU=passport-azure-ad
&x-client-Ver=4.0.0
It has %20 separators in the scope.
from msgraph-sample-nodeexpressapp.
That shouldn't matter, that all looks fine. Out of curiosity, what line of code gave invalid request before you changed your app registration?
from msgraph-sample-nodeexpressapp.
I'm afraid I don't know. I saw it as an error message in the UI (I believe a flash error message?). I always find it hard to find where errors originate in that express middleware magic. The change in the permissions made sense to me, and it seemed to work out. I figured it was something missing in the manual, but that was wrong I guess.
Removing the permissions does not make the error return, so I guess I changed something else as well, hard to remember what exactly 😅.
from msgraph-sample-nodeexpressapp.
Related Issues (20)
- It's asking for consumer rights and I can't find it. HOT 2
- redirectUrl issue HOT 2
- Replace APP_PASSWORD with CLIENT_SECRET HOT 1
- getEvents snippet will not compile HOT 1
- Mention OAuth related to refresh token to educate the reader HOT 3
- Update simple-oauth2 to 4.1.0 HOT 2
- ReferenceError: state not defined HOT 6
- Question about the Tutorial HOT 3
- Indicate whether to send a cookie in a cross-site request by specifying its SameSite attribute HOT 4
- Error 404 when trying to get the app from the Quick Start web page HOT 7
- Error: Cannot find module 'express-promise-router' in step 04-add-aad-auth.md of tutorial HOT 1
- TypeError: Cannot read property 'locals' of undefined HOT 2
- Error getting auth URL due to untrusted authority HOT 8
- How to maintain the AccessToken with load balancer HOT 2
- proxy HOT 2
- Session is undefined in calendar.js HOT 9
- Why is isomorphic-fetch required? HOT 3
- Why are there no permissions given to the App Registration during the "Register the App in the portal" stage?
- Calendar View Not Pulling Calendar Events HOT 10
- Empty list of results HOT 11
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from msgraph-sample-nodeexpressapp.