[英]Getting Azure B2C SignUpSignIn Application Claims using MSAL in Xamarin.Forms
I'm creating a Xamarin.Forms app using Azure B2C and MSAL ( Microsoft.Identity.Client
NuGet package) to authenticate users.我正在创建一个 Xamarin.Forms 应用程序,使用 Azure B2C 和 MSAL(
Microsoft.Identity.Client
NuGet 包)对用户进行身份验证。 When the app opens, I attempt to authenticate them in the background using the following code:当应用程序打开时,我尝试使用以下代码在后台对它们进行身份验证:
AuthenticationResult ar;
ar = await App.AuthenticationClient.AcquireTokenSilentAsync(Scopes,
userIdentifier, Authority,
SignUpSignInpolicy, false);
If that fails, the app switches and authenticates them with the standard AquireTokenAsync()
method.如果失败,应用程序会切换并使用标准的
AquireTokenAsync()
方法对它们进行身份验证。
AuthenticationResult ar;
ar = await App.AuthenticationClient.AcquireTokenAsync(Config.Scopes,
"", UiOptions.SelectAccount,
string.Empty, null, Config.Authority,
Config.SignUpSignInpolicy);
The SignUpSignInpolicy
that I'm using has application claims for email, first and last name, object ID, and birthday which is a custom string attribute.我正在使用的
SignUpSignInpolicy
具有电子邮件、名字和姓氏、对象 ID 和生日的应用程序声明,这是一个自定义字符串属性。
What I want to do is get the email, name, and birthday of the authenticated user if they have to sign in so I can create a user object from that data which will be used throughout the app.我想要做的是获取经过身份验证的用户的电子邮件、姓名和生日(如果他们必须登录),以便我可以从该数据创建一个用户对象,该对象将在整个应用程序中使用。 Is there a way to get this data from the
AuthenticationResult
?有没有办法从
AuthenticationResult
获取这些数据? If not, how do I go about retrieving the SignUpSignIn
application claims?如果没有,我该如何检索
SignUpSignIn
应用程序声明? I'm new to authentication so I'm probably missing something important.我是身份验证的新手,所以我可能遗漏了一些重要的东西。
The claims you've configured via the Application Claims blade are included in the id token .您通过应用程序声明刀片配置的声明包含在id token 中。
The id token is available through the IdToken property of the AuthenticationResult . id 令牌可通过AuthenticationResult的IdToken属性获得。 The IdToken is a Base64 encoded JWT, which you can access by instantiating the JwtSecurityToken class.
IdToken 是 Base64 编码的 JWT,您可以通过实例化JwtSecurityToken类来访问它。 This class will give you access to the claims via the Claims property.
此类将使您可以通过 Claims 属性访问声明。
Note: In order to access the JwtSecurityToken class, you'll need to include theSystem.IdentityModel.Tokens.Jwt nuget package .注意:为了访问 JwtSecurityToken 类,您需要包含System.IdentityModel.Tokens.Jwt nuget 包。
Here's some sample code that helps you retrieve a given claim.:下面是一些示例代码,可帮助您检索给定的声明。:
var claimName = "given_name"; // This could also be any of your custom attributes, e.g. "extension_gamertag"
authResult = await client.AcquireTokenAsync(Config.Scopes,
"", UiOptions.SelectAccount,
string.Empty, null, Config.Authority,
Config.SignUpSignInpolicy);
var jwt = new JwtSecurityToken(authResult.IdToken);
Console.WriteLine(jwt.Claims.First(c => c.Type == claimName).Value);
EDIT 2017-03-17 Since System.IdentityModel.Tokens.Jwt is not available for Xamarin/PCL, you can process the token yourself with the Newtonsoft.Json nuget package (using Newtonsoft.Json.Linq);编辑 2017-03-17由于 System.IdentityModel.Tokens.Jwt 不适用于 Xamarin/PCL,您可以使用 Newtonsoft.Json nuget 包(使用 Newtonsoft.Json.Linq)自己处理令牌;
var jwtPayloadEnc = authResult.IdToken.Split('.')[1];
var jwtPayload = Encoding.UTF8.GetString(System.Convert.FromBase64String(jwtPayloadEnc));
var payload = JObject.Parse(jwtPayload);
Console.WriteLine(payload[claimName].ToString());
EDIT 2021-12-07 (and a pandemic later) Per Olias' comment below, for Xamarin you can use:编辑 2021-12-07 (以及之后的大流行)根据Olias下面的评论,对于 Xamarin,您可以使用:
var jwt = new JwtSecurityToken(authResult.IdToken);
You need to ensure you set the Application claims that are returned from your Policies align with what you are expecting in your client application.您需要确保设置从您的策略返回的应用程序声明与您在客户端应用程序中的期望一致。 You need to do this for every Policy.
您需要为每个策略执行此操作。 The Claims will be then be present in the Token passed back as part of the AuthenticationResult.
然后,声明将出现在作为 AuthenticationResult 一部分传回的令牌中。 The sample code includes how you read out the Claims from the Token.
示例代码包括如何从令牌中读出声明。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.