The OAuth2 plugin only allows requesting the data from a single endpoint (the oauth2 user json url). All of the json *** path settings refer to locations within the JSON data, not separate API endpoints.
Taking a quick look at the graph.microsoft.com api docs it doesn’t look like the /me endpoint includes the avatar URL by default. Even if you were able to fetch the profilePhoto resource, it looks like it returns a “photo ID” rather than a URL.
So unfortunately I think you would need to develop a custom authentication plugin to make this work 
. I’d love to be proven wrong though!