无法使用passport azure ad的Bear策略对SPA进行身份验证

Integrating Azure AD into an AngularJS single page app 本教程将起作用。 https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-devquickstarts-angular-node

它是为Azure AD v2.0端点实现的,但不幸的是,我的组织不支持Azure AD v2.0端点,因此我替换了的实验版本 adal.js adal-angular 具有GA的库 adal.js adal角度 passport-azure-ad 。后端无法对隐式授予的令牌进行身份验证。

allow implicit flow 在清单文件中为true。我还试着用我的 client ID 和 Tenant Name 在另一个例子中,使用相同的 angular .NET 作为后端。成功了!

这是我的后端配置

exports.creds = {

    // The app id you get from the registration portal
    audience: 'http://localhost:8080',
    clientID: '**********************************',

    // Passport will use this URL to fetch the token validation information from Azure AD
    identityMetadata: '************************************',
    // Required.
    // If you are using the common endpoint, you should either set `validateIssuer` to false, or provide a value for `issuer`.
    validateIssuer: true,

    // Required.
    // Set to true if you use `function(req, token, done)` as the verify callback.
    // Set to false if you use `function(req, token)` as the verify callback.
    passReqToCallback: false,

    // Required if you are using common endpoint and setting `validateIssuer` to true.
    // For tenant-specific endpoint, this field is optional, we will use the issuer from the metadata by default.
    issuer: '**************************************',

    isB2C: false,

    // Optional. Default value is false.
    // Set to true if you accept access_token whose `aud` claim contains multiple values.
    allowMultiAudiencesInToken: false,

    // Optional. 'error', 'warn' or 'info'
    loggingLevel: 'info'
};

我的服务器:

app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());

// Pull in the Azure AD bearer passport strategy
var OIDCBearerStrategy = require('passport-azure-ad').BearerStrategy;

// This object is used for in-memory data storage, instead of a database.
// Each time you run the server, you will get a fresh, empty list.
var tasks = [];

// Load passport and configure it to use Azure AD Bearer auth
app.use(passport.initialize());
passport.use(new OIDCBearerStrategy({
    identityMetadata: config.creds.identityMetadata,
    audience: config.creds.audience,
    clientID: config.creds.clientID,
    validateIssuer: true,
    issuer: config.creds.issuer,

}, function (token, done) {
    console.log("yooo");
    return done(null, token, null);
}));

var router = express.Router();
router.route('/api/tasks')
    .post(passport.authenticate('oauth-bearer', { session: false }), controller)

以下是我的浏览器控制台在前端验证后的输出:

State: **************
adal.js:973 State status:true
adal.js:973 State is right

有人做过类似的事情吗?