Yammer OAuth2 REST authentication always gives same access token for different users -
we developing app, , integrating our app yammer, wanted post our app messages yammer, have office 365 login, , can able login in yammer office 365 account , post messages , not verified admin in yammer.
- first, nodejs code calls office 365 authentication
- checks in db whether bearer token available authenticated user
- if token not available in db, redirects yammer oauth authentication
- yammer authentication dialog box appears
- logged in user (new user, not registered app), registered in yammer
- redirecting access_token rest api
- getting duplicate access token https://api.yammer.com/oauth2/access_token rest api, received access token duplicate of user
the problem, why am getting duplicate access token different users, thing have go impersonation, should verified admin user
can help?, in advance.
var express = require('express'); var passport = require('passport'); var bearertoken = require('express-bearer-token'); var strategy = require('passport-azure-ad-oauth2').strategy; var path=require('path'); var jwt = require("jwt-simple"); var url = require('url'); var https = require('https'); var fs = require('fs'); var gname=""; var fname=""; var email =""; var btoken=""; var yammercode = ""; var yammerresponse; var finalbearertoken = ""; var options = { key: fs.readfilesync('key.pem'), cert: fs.readfilesync('certificate.pem'), requestcert: false, rejectunauthorized: false }; var app = express(); app.use(bearertoken()); app.use(passport.initialize()); app.use(express.static(path.join(__dirname, '/src'))); passport.use('office365_oauth2',new strategy({ clientid: 'client id', clientsecret: 'client secret', callbackurl: 'https://mycomputer:443/response1', tokenurl: 'https://login.microsoftonline.com/common/oauth2/v2.0/token', authorizationurl: 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize', scope: 'user.read', skipuserprofile:false, domain_hint:'csc.com' }, function (accesstoken, refresh_token, params, profile, done) { var user = jwt.decode(accesstoken, '', true); gname = user.given_name; fname = user.family_name; email = user.upn; btoken = accesstoken; return done(null, user); } )); passport.serializeuser(function(user, done) { console.log("profile : ", user); done(null, user); }); passport.deserializeuser(function(user, done) { console.log("profile : ", user); done(null, user); }); app.get('/response1', passport.authenticate('office365_oauth2'), function(req,res,next){ res.redirect(url.format({ pathname:"http://mycomputer:3332/", query: { "o365": "true", "userfirstname": gname, "userlastname": fname, "upn": email, "token":'checkdb' } })); }); app.get('/yammerauth', function(req,res,next) { res.redirect(url.format({ pathname : "https://www.yammer.com/csc.com/oauth2/authorize", query : { "client_id" : "clientid", "redirect_uri" : "https://mycomputer:443/response2", "response_type" : "code" } })) }); app.get('/response2', function(req,res,next){ yammercode = req.query.code; console.log('yammercode ' + yammercode); if (typeof yammercode != 'undefined') { console.log(yammercode); var postdata={ client_id : "clientid", client_secret : "client_secret", code : yammercode, grant_type : "authorization_code" }; require('request').post({ uri:"https://www.yammer.com/oauth2/access_token", body:require('querystring').stringify(postdata) },function(err,res1,body){ console.log(res.statuscode); yammerresponse = json.parse(body); if (typeof yammerresponse != 'undefined' ) { finalbearertoken = yammerresponse.access_token.token; console.log('bearertoken ' + finalbearertoken); res.redirect(url.format({ pathname:"http://mycomputer:3332/", query: { "o365": "true", "userfirstname": gname, "userlastname": fname, "upn": email, "token": finalbearertoken } })); } else { console.log('bearertoken not generated'); res.redirect(url.format({ pathname:"http://mycomputer:3332/", query: { "o365": "true", "userfirstname": gname, "userlastname": fname, "upn": email, "token":'noauth' } })); }; }); } else { res.redirect(url.format({ pathname:"http://mycomputer:3332/", query: { "o365": "true", "userfirstname": gname, "userlastname": fname, "upn": email, "token":'noauth' } })); } } ) app.get('/login',passport.authenticate('office365_oauth2'),function(req, res, next){ }); app.get('/logout', (req, res) => { req.logout(); //res.clearcookie('connect.sid'); res.redirect('http://mycomputer:3332'); }); var httpsserver = https.createserver(options,app); httpsserver.listen(443); console.log("listening");
Comments
Post a Comment