node.js - 为什么我对新访问 token 的请求没有返回新的刷新 token ？

Question

我正在使用以下代码以及我的刷新 token 来请求新的访问 token :

exports.getTokenFromRefreshToken = function (user, callback) {
    request.post({
        url:'https://login.microsoftonline.com/12345678-1234-1234-1234-2f189712345/oauth2/token',
        form: {
            grant_type: 'refresh_token',
            refresh_token: refresh_token,
            client_id: client_id,
            client_secret: client_secret,
            resource: 'https://graph.microsoft.com'
        }
    }, function(err, httpResponse, body) {
        if (!err) {
            var tokens = JSON.parse(httpResponse.body);
            console.log('getTokenFromRefreshToken() tokens = ' + JSON.stringify(tokens));
            callback(null, tokens);
        }
    })
};

httpResponse 包括我在发出原始 token 请求(来自 code)但没有新的刷新 token 时获得的所有内容。我的印象是我还会收到一个新的刷新 token 。不是这样吗？

Answer 1

仅当包含 offline_access 时，您才会获得新的刷新 token 范围。

引用:https://azure.microsoft.com/en-us/documentation/articles/active-directory-v2-scopes/

The offline_access scope gives your app access to resources on behalf of the user for an extended time. On the work account consent page, this scope appears as the "Access your data anytime" permission. On the personal Microsoft account consent page, it appears as the "Access your info anytime" permission. When a user approves the offline_access scope, your app can receive refresh tokens from the v2.0 token endpoint. Refresh tokens are long-lived. Your app can get new access tokens as older ones expire.