Azure B2C如何检索内置用户声明/属性 [英] Azure B2C How to retrieve Built-In User Claims/Attributes
问题描述
我正在尝试使用内置用户属性和声明从Azure B2C检索一些非常基本的信息.
I am attempting to retrieve some very basic information from Azure B2C, using the Built-In User Attributes and Claims.
我只想回来
- 给定名字
- 姓氏
- UserId
- 电子邮件
(对我而言)B2C如何存储此内容尚不完全清楚... 登录/注销策略(用户属性)将电子邮件地址显示为字符串
Its not totally obvious (to me) how B2C is storing this content... The SignIn/SignOut Policy (User Attirubtes) displays Email Address as a string
,但登录/注销策略(应用程序声明)"将电子邮件地址显示为stringCollection
but the SignIn/SignOut Policy (Application Claims) displays Email Addresses as a stringCollection
使用以下代码,我尝试返回上述4个声明,但仅返回
Using the below code, I am attempting to return the 4 above Claims but only the
- UserId
- 列表项 通过.
- UserId
- List item are coming through.
我已经使用JWT.IO测试了返回令牌,并且我正在寻找索赔.
I have used the JWT.IO to test the return Token and the Claims I'm looking for are there.
最后,只是为了使事情变得更加陌生,MS似乎将我的电子邮件存储在UserName字段中,但没有显示我的Email字段?
Lastly, just to make things even stranger, MS seems to store my Email in a UserName field but doesn't show me an Email Field(s)?
我希望不必单独调用Graph API即可获得我想要的这2-3个字段.
I'm hoping to NOT have to make a seperate call to the Graph API in order to get these 2-3 fields I want.
我只是希望有人可以帮助我弄清楚我的代码出了什么问题.
I'm just hoping someone can help me clarify where my code is going wrong.
var claimsIdentity = (ClaimsIdentity)HttpContext.User.Identity;
var userIdClaim = claimsIdentity.Claims.SingleOrDefault(c => c.Type == ClaimTypes.NameIdentifier);
if (userIdClaim != null)
{
userId = userIdClaim.Value;
ViewData["userId"] = userId;
}
var GivenNameClaim = claimsIdentity.Claims.SingleOrDefault(c => c.Type == ClaimTypes.GivenName);
if (GivenNameClaim != null)
{
GivenName = GivenNameClaim.Value;
ViewData["GivenName"] = GivenName;
}
var SurNameClaim = claimsIdentity.Claims.SingleOrDefault(c => c.Type == ClaimTypes.Surname);
if (SurName != null)
{
SurName = SurNameClaim.Value;
ViewData["Surname"] = SurName;
}
var EmailClaim = claimsIdentity.Claims.SingleOrDefault(c => c.Type == ClaimTypes.Email);
if (Email != null)
{
Email = EmailClaim.Value;
ViewData["Email"] = Email;
}
编辑
将以下内容添加到我的视图中很有帮助.
Adding the below to my view helped..
@foreach (Claim claim in User.Claims)
{
<tr>
<td>@claim.Type @claim.Subject</td>
<td>@claim.Value</td>
</tr>
}
返回
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier 6902e027-e475-447c-8f7d-75f4451f85a4
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname Tim
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname Cadieux
- 通过电子邮件发送给me@email.com
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier 6902e027-e475-447c-8f7d-75f4451f85a4
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname Tim
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname Cadieux
- emails me@email.com
因此,我已将我的电子邮件更新为belwo,该电子邮件现在可用于3/4文件,它不返回电子邮件集合.
So I have updated me email to the belwo, which now works for 3/4 files, it does not return the collection of emails.
var Claims = User.Claims;
var SurNameClaim = Claims.SingleOrDefault(c => c.Type == ClaimTypes.Surname);
ViewData["Surname"] = SurNameClaim.Value;
var GivenNameClaim = Claims.SingleOrDefault(c => c.Type == ClaimTypes.GivenName);
ViewData["GivenName"] = GivenNameClaim.Value;
var ClientIdClaim = Claims.SingleOrDefault(c => c.Type == ClaimTypes.NameIdentifier);
ViewData["ClientId"] = ClientIdClaim.Value;
var EmailClaim = Claims.SingleOrDefault(c => c.Type == ClaimTypes.Email);
if (EmailClaim != null)
{
ViewData["Email"] = EmailClaim.Value;
}
else
{
ViewData["Email"] = "Is Null";
}
推荐答案
用户属性是aad B2C从用户那里收集的信息.因此,B2C仅收集一封电子邮件,电子邮件地址"是一个字符串. 索赔是B2C返回到依赖方应用程序的信息.既然这里可以有一封以上的电子邮件(来自多种资源,例如联合IDp,所以这是一个集合.
The user attributes is the information which aad B2C collects from user. So B2C collects only a single email, the 'email address' is a string. Claims is the information which B2C returns to the relying party app. since there can be more than one email here(coming from multiple resources, such as federated Idp, this is a collection.
you can see the sample app to see how to parse claims https://github.com/Azure-Samples/active-directory-b2c-dotnet-webapp-and-webapi/blob/master/TaskService/Controllers/TasksController.cs
如何读取值为数组的声明
How to read a claim whose value is array
List<string> emails = new List<string>();
IEnumerable<Claim> emailClaims = Claims.Where(c => c.Type == ClaimTypes.Email);
if (emailClaims.Any())
{
// get the roles' actual value
foreach (Claim claim in emailClaims)
{
emails.Add(claim.Value);
}
}
这篇关于Azure B2C如何检索内置用户声明/属性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!