如何在Azure Ad B2c中获取用户个人资料详细信息
[英]How to get user profile details in azure ad b2c
问题描述
I'm using Azure AD B2C authentication for my MVC web application. 
我正在为我的MVC Web应用程序使用Azure AD B2C身份验证。 I have developed the sign-in part of the project. 我已经开发了该项目的登录部分。 Now I want to get the user's details when a user logs into the web app. 现在,我想在用户登录Web应用程序时获取用户的详细信息。 I have seen some of the articles which explain how to edit user details. 我看过一些说明如何编辑用户详细信息的文章。 But I couldn't find anything related to get user profile data. 但是我找不到与获取用户个人资料数据相关的任何信息。 Please Help. 请帮忙。
This is my SignIn action. 这是我的登录操作。
public ActionResult SignIn()
{
if (!Request.IsAuthenticated)
{
var authenticationManager = HttpContext.GetOwinContext().Authentication;
authenticationManager.Challenge(new AuthenticationProperties() { RedirectUri = "/" }, Startup.SignInPolicyId);
return Content("");
}
else
{
return Redirect("~/Home/Login");
}
}
2 个解决方案
解决方案1
0 2017-05-09 16:07:34
You have two options: 您有两种选择:
OPTION 1, PREFERRED - Use Azure AD B2C's Edit Profile functionality 选项1,首选-使用Azure AD B2C的“编辑配置文件”功能
Add logic on the RedirectToIdentityProvider handler to override the policy when calling out to Azure AD B2C
在RedirectToIdentityProvider处理程序上添加逻辑以在调出Azure AD B2C时覆盖策略
/*
* On each call to Azure AD B2C, check if a policy (e.g. the profile edit or password reset policy) has been specified in the OWIN context.
* If so, use that policy when making the call. Also, don't request a code (since it won't be needed).
*/
private Task OnRedirectToIdentityProvider(RedirectToIdentityProviderNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification)
{
var policy = notification.OwinContext.Get<string>("Policy");
if (!string.IsNullOrEmpty(policy) && !policy.Equals(DefaultPolicy))
{
notification.ProtocolMessage.Scope = OpenIdConnectScopes.OpenId;
notification.ProtocolMessage.ResponseType = OpenIdConnectResponseTypes.IdToken;
notification.ProtocolMessage.IssuerAddress = notification.ProtocolMessage.IssuerAddress.Replace(DefaultPolicy, policy);
}
return Task.FromResult(0);
}
- Create your EditProfile controller action ensuring it indicates that the EditProfilePolicy should be used: 创建您的EditProfile控制器操作,确保它指示应使用EditProfilePolicy:
public void EditProfile()
{
if (Request.IsAuthenticated)
{
// Let the middleware know you are trying to use the edit profile policy (see OnRedirectToIdentityProvider in Startup.Auth.cs)
HttpContext.GetOwinContext().Set("Policy", Startup.EditProfilePolicyId);
// Set the page to redirect to after editing the profile
var authenticationProperties = new AuthenticationProperties { RedirectUri = "/" }; HttpContext.GetOwinContext().Authentication.Challenge(authenticationProperties);
return;
}
Response.Redirect("/");
}
OPTION 2 - Implement your own Edit Profile screen and experience I won't go into the details of this option as this is quite lengthy but at a high level you would need to: 选项2-实施您自己的“编辑配置文件”屏幕和体验我将不介绍此选项的细节,因为它相当冗长,但从总体上讲,您需要:
- Implement your own screen 实施自己的屏幕
- Implement your own API secured by Azure AD B2C (meaning that it requires and Azure AD B2C access token) and have this API use Client Credentials to update the user in question . 实施自己的由Azure AD B2C保护的API(这意味着它需要和Azure AD B2C访问令牌),并使该API 使用客户端凭据来更新所讨论的用户 。
解决方案2
0 2017-05-16 08:37:58
Within the B2C policy you need to add claims. 在B2C政策中,您需要添加声明。
Select the policy -> Edit -> Application Claims -> Select the ones you want -> save. 选择策略->编辑->应用程序声明->选择所需的内容->保存。
When a use signs in, these will be added to their token. 当用户登录时,这些将添加到其令牌中。 You can then enumerate them within your code after they have logged in.: 登录后,您可以在代码中枚举它们:
var claimsIdentity = (System.Security.Claims.ClaimsIdentity)User.Identity;
foreach (var claim in claimsIdentity.Claims)
{
// do stuff with claim.Type & claim.Value
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.