如何从.Net Core MVC中的OpenIdConnect令牌响应中提取状态参数 [英] How to extract state parameter from OpenIdConnect Token response in .Net Core MVC

问题描述

我们正在使用Azure b2c处理.net核心MVC网站上的登录.我们想使用可选的 state 参数来保存对站点的初始请求之间的一些数据/值(该值可能在querystring参数中)，然后将其发送到b2c到登录，然后成功登录将返回该站点.OpenIDConnect允许在请求中设置此状态值，并将其与令牌响应一起传回.

We are using Azure b2c to handle our logins on our .net core MVC site. We would like to use the optional state parameter to hold onto some data/a value between the initial request to the site (this value would likely be in a querystring param) which is then sent off to b2c to login, and the successfully logged in return back to the site. OpenIDConnect allow the setting of this state value in the request, and will pass it back with the token response.

似乎设置该值相对简单；在 OpenIdConnectOptions 中的 OnRedirectToIdentityProvider 事件中，如下所示:

It appears that setting the value is relatively simple; in the OnRedirectToIdentityProvider event in the OpenIdConnectOptions like so:

public Task OnRedirectToIdentityProvider(RedirectContext context){
   ...   
   context.ProtocolMessage.SetParameter("state", "mystatevalue");
   ...
}

但是，我看不到如何在返回用户时再次获得该值.

however, I cannot see how to get this value back again when the user is returned.

我可以看到 OnTicketReceived 事件被击中，它具有一个 TicketReceivedContext 事件，该事件具有一个 Form 属性，该属性的状态为值，但是仍然是加密的.

I can see that the OnTicketReceived event is hit, and this has a TicketReceivedContext which has a Form property with a state value in it, however this is still encrypted.

我从哪里可以找回未加密的值?

Where would i be able to get the un-encrypted value back from?

我看过b2c的Azure文档，但是我找不到关于此的示例.

I have had a look at the Azure docs for b2c but I cannot find an example on this.

谢谢

推荐答案

通过使用 OnTokenValidated 事件可以使其正常工作.这样可以获取未加密的参数，如下所示.

Managed to get this working by using the OnTokenValidated event. This is able to get the unencrypted parameter as below.

...//first set up the new event
options.Events = new OpenIdConnectEvents()
{
    ...
    OnTokenValidated = OnTokenValidated
};
...

private Task OnTokenValidated(TokenValidatedContext tokenValidatedContext)
{
    var stateValue = tokenValidatedContext.ProtocolMessage.GetParameter("state");
    if (stateValue != null)
    {
        //do something with that value..
    }
    return Task.CompletedTask;
}

这篇关于如何从.Net Core MVC中的OpenIdConnect令牌响应中提取状态参数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！