堆栈内存溢出
  简体   繁体   English

如何设置Sign In only Azure B2C用户流量策略? 收到 HTTP401 错误

[英]How to set up a Sign In only Azure B2C user flow policy? Getting HTTP401 error

 原文  2021-10-07 15:20:41       c#/ .net/ asp.net-mvc/ owin/ azure-ad-b2c

问题描述

In my AccountController I have the following methods:在我的 AccountController 中,我有以下方法:

    /*
     *  Called when requesting to sign up or sign in
     */
    public void SignUpSignIn(string redirectUrl)
    {
        redirectUrl = redirectUrl ?? "/";

        // Use the default policy to process the sign up / sign in flow
        HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = redirectUrl });
        return;
    }

    /*
     *  Called when requesting to sign up
     */
    public void SignUp()
    {

        // Use the default policy to process the sign up flow
        HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = "/" }, Globals.SignUpPolicyId);
        return;
    }

The UserFlow is set up inside of Azure, called B2C_1_signup , and that's what Globals.SignUpPolicyId evaluates to. UserFlow 在 Azure 内部设置,称为B2C_1_signup ,这就是Globals.SignUpPolicyId的计算结果。 Yet, whenever I test it out, I get an HTTP 401 error .然而,每当我对其进行测试时,都会收到HTTP 401 错误

Here's the razor code that creates my button/link:这是创建我的按钮/链接的 razor 代码:

 @Html.ActionLink("Sign Up!", "SignUp", "Account", routeValues: null, htmlAttributes: new { id = "signUpLink", @class = "btn btn-default" })

Whenever I test the link provided by Microsoft inside of the B2C Tenant, it brings up the Sign Up page correctly.每当我在 B2C 租户内部测试 Microsoft 提供的链接时,它都会正确显示注册页面。

Here's the cleansed link provided by Microsoft for testing:这是 Microsoft 提供的用于测试的清理链接:

 https://mytenantname.b2clogin.com/mytenantname.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_signup&client_id=RANDOM_GUID&nonce=defaultNonce&redirect_uri=http%3A%2F%2Flocalhost%3A1111&scope=openid&response_type=id_token&prompt=login

What am I missing??我错过了什么??

1 个解决方案

解决方案1
 1 已采纳  2021-10-09 10:42:46

• The redirect URI string defined in the account controller should be defined in the app config settings as a private static string and the B2C policies as different identifiers as public static strings due to which when during the user flow, authentication redirection will happen through by referencing the concerned app config string rather than finding it in the controller file itself. • 帐户 controller 中定义的重定向 URI 字符串应在应用程序配置设置中定义为私有 static 字符串,B2C 策略应定义为与公共 static 字符串不同的标识符,因此在用户流期间,身份验证重定向将通过引用发生相关的应用程序配置字符串,而不是在 controller 文件本身中找到它。 Since, you are encountering HTTP 401 error due to authentication issues related to the browser session.由于与浏览器 session 相关的身份验证问题,您遇到 HTTP 401 错误。

Please find below the app controller sample methods calling the Azure AD B2C policies which works correctly as defined below for sign up, sign in and profile of the user to be authenticated: -请在下面找到调用 Azure AD B2C 策略的应用程序 controller 示例方法,该策略按照以下定义正确工作,用于注册、登录和要验证的用户配置文件:-

 public class AccountController : Controller
{
    public void SignIn()
    {
        if (!Request.IsAuthenticated)
        {
            // To execute a policy, you simply need to trigger an OWIN challenge.
            // You can indicate which policy to use by specifying the policy id as the AuthenticationType
            HttpContext.GetOwinContext().Authentication.Challenge(
                new AuthenticationProperties() { RedirectUri = "/" }, Startup.SignInPolicyId);
        }
    }

    public void SignUp()
    {
        if (!Request.IsAuthenticated)
        {
            HttpContext.GetOwinContext().Authentication.Challenge(
                new AuthenticationProperties() { RedirectUri = "/" }, Startup.SignUpPolicyId);
        }
    }

    public void Profile()
    {
        if (Request.IsAuthenticated)
        {
            HttpContext.GetOwinContext().Authentication.Challenge(
                new AuthenticationProperties() { RedirectUri = "/" }, Startup.ProfilePolicyId);
        }
    }

    public void SignOut()
    {
        // To sign out the user, you should issue an OpenIDConnect sign out request
        if (Request.IsAuthenticated)
        {
            IEnumerable<AuthenticationDescription> authTypes = HttpContext.GetOwinContext().Authentication.GetAuthenticationTypes();
            HttpContext.GetOwinContext().Authentication.SignOut(authTypes.Select(t => t.AuthenticationType).ToArray());
        }
    }
}

Also, refer the below link for more clarified information: -另外,请参阅以下链接以获取更多详细信息:-

https://bitoftech.net/2016/08/31/integrate-azure-ad-b2c-asp.net-mvc-web-app/ https://bitoftech.net/2016/08/31/integrate-azure-ad-b2c-asp.net-mvc-web-app/

Also, find the below gif output for reference: -另外,找到下面的 gif output 以供参考:-

Azure AD B2C 用户流输出

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 azure B2c无缝用户迁移自定义策略错误 - azure B2c Seamless user migration custom policy error 如何使用 Azure AD B2C 设置重定向 url 登录并注册 android 移动应用程序中的用户流程 - How to Set Redirect url using Azure AD B2C Sign in and Sign up userflows in android mobile application 使用 Azure AD B2C on.Net Core 3.1 获取 OBO 流的错误 AADST50013 - Getting error AADST50013 for OBO flow using Azure AD B2C on .Net Core 3.1 Azure B2C 在注册时验证电话号码? - Azure B2C verify Phone number on Sign UP? Azure B2C 监控登录日志:注册/注册 - Azure B2C Monitor SigninLogs: Sign Up/Register Azure B2C 自定义注册不显示输入字段 - Azure B2C custom Sign up not displaying input fields 如何从blazor app调用Azure AD B2C edit profile user flow? - How to call Azure AD B2C edit profile user flow from blazor app? 如何使用用户名 AND email 注册并使用用户名 OR email 使用 Azure AD B2C 本地帐户登录? - How to Sign up using Username AND email and sign in with username OR email using Azure AD B2C local account? Azure B2C用用户名登录? - Azure B2C sign in with username? Azure B2C - 无法让 B2C 用户流与另一个 Azure AD 实例一起作为自定义身份提供商 - Azure B2C - Can't get a B2C user flow to work with another Azure AD instance as a custom identity provider
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM