在Azure AD B2C中注册后如何使用户返回登录页面? [英] How to make user return on login page after sign-up in Azure AD B2C?
问题描述
当用户在系统中注册时,该用户将作为登录用户自动重定向到我们的应用程序.我希望在注册后将他重定向到签名页面.我想要这种行为,因为在访问系统之前,用户需要获得管理员的批准.我使用自定义策略.
When a user is signing-up in the system, he is automatically redirected to our application as a signed in user. I would like that after the sign-up, he is redirected to the signing page. I want this behavior since users need to be approved by an admin before having access to the system. I use custom policies.
我尝试使用"SM-Noop"会话管理器,但无法正常工作.有我的代码:
I tried to use the "SM-Noop" session manager but it is not working. There is my code:
<!--Local account sign-up page-->
<TechnicalProfile Id="LocalAccountSignUpWithLogonEmail">
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="Verified.Email" Required="true" />
<OutputClaim ClaimTypeReferenceId="newPassword" Required="true" />
<OutputClaim ClaimTypeReferenceId="reenterPassword" Required="true" />
<OutputClaim ClaimTypeReferenceId="mobile" />
<OutputClaim ClaimTypeReferenceId="extension_phoneExtension" />
<OutputClaim ClaimTypeReferenceId="givenName" />
<OutputClaim ClaimTypeReferenceId="surName" />
<OutputClaim ClaimTypeReferenceId="extension_company" />
<OutputClaim ClaimTypeReferenceId="streetAddress" />
<OutputClaim ClaimTypeReferenceId="city" />
<OutputClaim ClaimTypeReferenceId="state" />
<OutputClaim ClaimTypeReferenceId="country" />
<OutputClaim ClaimTypeReferenceId="postalcode" />
</OutputClaims>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
</TechnicalProfile>
解决方案似乎是添加orchestrationSteps.有一个链接可以执行此操作,但需要重置密码: www.stackoverflow.com/a/62878136 就我而言,它无法正常工作,因为我无法在同一userJourney中添加两个CombinedSignInAndSignUp,因此它崩溃了.还有其他想法吗?
The solution seems to be to add orchestrationSteps. There is a link doing that but with a password reset: www.stackoverflow.com/a/62878136 In my case, it is not working since I can't add two CombinedSignInAndSignUp in the same userJourney so it crashes. Any other idea?
Edit2: 我对SignUpSignIn有政策:
There is my policy for the SignUpSignIn:
<UserJourney Id="SignUpOrSignIn">
<OrchestrationSteps>
<OrchestrationStep Order="1" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
<ClaimsProviderSelections>
<ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange" />
</ClaimsProviderSelections>
<ClaimsExchanges>
<ClaimsExchange Id="LocalAccountSigninEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="2" Type="ClaimsExchange">
<Preconditions>
<Precondition Type="ClaimsExist" ExecuteActionsIf="true">
<Value>objectId</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
</Preconditions>
<ClaimsExchanges>
<ClaimsExchange Id="SignUpWithLogonEmailExchange" TechnicalProfileReferenceId="LocalAccountSignUpWithLogonEmail" />
</ClaimsExchanges>
</OrchestrationStep>
<!-- This step reads any user attributes that we may not have received when in the token. -->
<OrchestrationStep Order="3" Type="ClaimsExchange">
<ClaimsExchanges>
<ClaimsExchange Id="AADUserReadWithObjectId" TechnicalProfileReferenceId="AAD-UserReadUsingObjectId" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="4" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer" />
</OrchestrationSteps>
<ClientDefinition ReferenceId="DefaultWeb" />
</UserJourney>
仍然试图弄清楚在Order ="5"中放入什么.等等,在我的TrustFrameworkExtensions.xml
Still trying to figure out what to put in Order="5" and so on in my TrustFrameworkExtensions.xml
推荐答案
以下是您可以执行的配置:
Below are the configuration you can do:
索赔类型(从B2C端打印消息)
<ClaimType Id="userMessage">
<DisplayName></DisplayName>
<DataType>string</DataType>
<UserInputType>Paragraph</UserInputType>
</ClaimType>
ClaimsTransformation
<ClaimsTransformation Id="GetUserMessage" TransformationMethod="CreateStringClaim">
<InputParameters>
<InputParameter Id="value" DataType="string" Value="[![Your Account has been successfully created. To continue click on the sign-in link below.][1]][1]" />
</InputParameters>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="userMessage" TransformationClaimType="createdClaim" />
</OutputClaims>
</ClaimsTransformation>
技术资料:
<TechnicalProfile Id="SelfAsserted-UserMessage">
<DisplayName>After Registration</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="ContentDefinitionReferenceId">api.selfasserted</Item>
<!--Demo: hide the continue and cancel buttons -->
<Item Key="setting.showContinueButton">false</Item>
<Item Key="setting.showCancelButton">false</Item>
</Metadata>
<InputClaimsTransformations>
<InputClaimsTransformation ReferenceId="GetUserMessage" />
</InputClaimsTransformations>
<InputClaims>
<InputClaim ClaimTypeReferenceId="userMessage" />
</InputClaims>
<OutputClaims>
<!--Demo: Show the paragraph claim with the message to the user -->
<OutputClaim ClaimTypeReferenceId="userMessage" />
</OutputClaims>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
</TechnicalProfile>
用户历程:
<OrchestrationStep Order="3" Type="ClaimsExchange">
<ClaimsExchanges>
<ClaimsExchange Id="AADUserReadWithObjectId" TechnicalProfileReferenceId="AAD-UserReadUsingObjectId" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="4" Type="ClaimsExchange">
<Preconditions>
<Precondition Type="ClaimsExist" ExecuteActionsIf="false">
<Value>extension_isApproved</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
<Precondition Type="ClaimEquals" ExecuteActionsIf="true">
<Value>extension_isApproved</Value>
<Value>True</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
</Preconditions>
<ClaimsExchanges>
<ClaimsExchange Id="SendClaims" TechnicalProfileReferenceId="SelfAsserted-UserMessage" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="5" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer" />
</OrchestrationSteps>
注意:确保在" AAD-UserReadUsingObjectId "您添加以下声明:
Note: Make Sure in the "AAD-UserReadUsingObjectId" you add the below claim:
<OutputClaim ClaimTypeReferenceId="extension_isApproved" />
也在" SelfAsserted-UserMessage "中配置文件,在内容定义中,您可以具有自定义页面,该页面将具有登录页面"的链接.下面是默认显示方式的屏幕截图.
Also in the "SelfAsserted-UserMessage" Profile, in the content definition you can have custom page which will have the link of your Login Page. Below is the screenshot of how it appears by default.
这篇关于在Azure AD B2C中注册后如何使用户返回登录页面?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!