执行我的自定义SignUpSignIn策略后如何返回PolicyId声明? [英] How can I return the PolicyId Claim after executing my Custom SignUpSignIn policy?

问题描述

我希望执行我的Customized SignUpSignIn策略时返回的声明中包含policyId.

I would like the policyId to be included in the claims that are returned when my Customized SignUpSignIn policy is executed.

我认为应该在ID为tfp的索赔中.

I think this should be in claim Id tfp.

存在是有关如何执行此操作的文章.

在设置代表策略ID的声明"部分中，它说要在令牌发行者" ClaimsProvider替代中包含键AuthenticationContextReferenceClaimPattern.

In the section "Setting claim representing policy ID" it says to include the key AuthenticationContextReferenceClaimPattern in the "Token Issuer" ClaimsProvider override.

<ClaimsProviders>
  <ClaimsProvider>
    <DisplayName>Token Issuer</DisplayName>
    <TechnicalProfiles>
      <TechnicalProfile Id="JwtIssuer">
        <Metadata>
          .....
          <Item Key="AuthenticationContextReferenceClaimPattern">None</Item>
        </Metadata>
      </TechnicalProfile>
    </TechnicalProfiles>
  </ClaimsProvider>
</ClaimsProviders>

然后必须在outputClaims中添加trustFrameworkPolicy.我是这样想的:

And then you have to add the trustFrameworkPolicy in your outputClaims. I think like this:

<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="OpenIdConnect" />
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="displayName" />
      <OutputClaim ClaimTypeReferenceId="givenName" />
      <OutputClaim ClaimTypeReferenceId="surname" />
      ......
      <OutputClaim ClaimTypeReferenceId="trustFrameworkPolicy" Required="true" DefaultValue="{policy}" />
    </OutputClaims>
  <SubjectNamingInfo ClaimType="sub" />
</TechnicalProfile>

但是当我上传此自定义策略文件时，显示错误:

But when I upload this Custom Policy file an error is displayed:

租户"yyyyy.onmicrosoft.com"的策略"B2C_1A_xxxx"引用ID为"trustframeworkPolicy"的ClaimType，但该策略或其任何基本策略均不包含该元素."

"Policy "B2C_1A_xxxx" of tenant "yyyyy.onmicrosoft.com" makes a reference to ClaimType with id "trustframeworkPolicy" but neither the policy nor any of its base policies contain such an element."

表示找不到ClaimTypeReferenceId:"trustFrameworkPolicy".

Meaning it can't find the ClaimTypeReferenceId: "trustFrameworkPolicy".

我是否必须添加ClaimType"trustframeworkPolicy"的声明定义?在ClaimsSchema中?

Do I have to add a claim definition of the ClaimType "trustframeworkPolicy"? in the ClaimsSchema?

如果是这样:是什么感觉?

If so: What's it like?

推荐答案

将以下ClaimType添加到TrustFrameworkExtensions.xml:

<ClaimType Id="trustFrameworkPolicy">
    <DisplayName>Trust Framework Policy</DisplayName>
    <DataType>string</DataType>
    <DefaultPartnerClaimTypes>
        <Protocol Name="OAuth2" PartnerClaimType="tfp" />
        <Protocol Name="OpenIdConnect" PartnerClaimType="tfp" />
    </DefaultPartnerClaimTypes>
</ClaimType>

注意:ClaimType应该是<ClaimsSchema><BuildingBlocks>

这篇关于执行我的自定义SignUpSignIn策略后如何返回PolicyId声明?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！