在自定义策略中获取Azure AD B2C应用程序客户端ID [英] Get the Azure AD B2C Application client id in the custom policy
问题描述
您好,自定义策略被B2C应用的客户端ID调用
Hi the custom policy gets called with the client id of the B2C app
我如何在策略中访问此密码,我认为这将被硬编码到client_id声明中,但我认为不是
How can I access this in the policy, i thought this would be hard coded to the client_id claim but I dont think it is
它仅作为默认值作为aud声明返回,但同样,我在自定义策略中看不到它
Its only returned as default as the aud claim but again I dont see that in the custom policy
谢谢
推荐答案
好了一些,但是我尝试使用标准的UserJourneyContextProvider技术配置文件,但这没用
Ok its a bit of a work around but I tried with a standard UserJourneyContextProvider technical profile and this didnt work
所以要获取客户ID作为声明,我做了以下
so to get the client id as a claim I did the following
创建业务流程步骤
<OrchestrationStep Order="2" Type="ClaimsExchange">
<ClaimsExchanges>
<ClaimsExchange
Id="ClientIdFromOIDC-JC"
TechnicalProfileReferenceId="Get-ClientID-FromOIDC"/>
</ClaimsExchanges>
</OrchestrationStep>
然后创建一个RESTFUL技术概要文件,该概要文件将调用功能应用程序,并通过{OIDC:ClientID}传递OIDC
Then create a RESTFUL technical profile which will call a Function App passing the OIDC with the {OIDC:ClientID}
<TechnicalProfile Id="Get-ClientID-FromOIDC">
<DisplayName>Get-ClientID-FromOIDC</DisplayName>
<Protocol Name="Proprietary"
Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine,
Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="AuthenticationType">None</Item>
<Item Key="ServiceUrl">--FUNCTION APP URL--</Item>
<Item Key="SendClaimsIn">QueryString</Item>
</Metadata>
<InputClaims>
<InputClaim
ClaimTypeReferenceId="client_id"
PartnerClaimType="client_id"
DefaultValue="{OIDC:ClientId}" />
</InputClaims>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="client_id" />
</OutputClaims>
</TechnicalProfile>
然后最后创建一个功能应用程序,该应用程序从查询字符串中接受客户端ID,并以正确的格式返回该ID以供B2C识别
And then finally create a function app which accepts the client id from the querystring and returns it with the correct format for B2C to identify
使用System.Net; 使用System.Net.Http.Formatting;
using System.Net; using System.Net.Http.Formatting;
public static async Task<HttpResponseMessage> Run(HttpRequestMessage req,
TraceWriter log)
{
log.Info("C# HTTP trigger function processed a request.");
// parse query parameter
string client_id = req.GetQueryNameValuePairs()
.FirstOrDefault(q => string.Compare(q.Key, "client_id", true) == 0)
.Value;
return req.CreateResponse<ResponseContent>(
HttpStatusCode.OK, new ResponseContent
{
version = "1.0.0",
status = (int) HttpStatusCode.OK,
client_id = client_id
},
new JsonMediaTypeFormatter(), "application/json");
}
class ResponseContent {
public string version;
public int status;
public string client_id;
}
您现在将在索赔袋中获得B2C应用程序client_id作为索赔,以便现在就可以使用它来做自己想做的事情
You will now get the B2C application client_id as a claim in the claim bag so you can do what you want with it now
这篇关于在自定义策略中获取Azure AD B2C应用程序客户端ID的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!