[英]How to enrich azure b2c token with custom claims using api connectors and asp net core web api
I have a user flow B2C_1_singupsingin1 I added an api connector, embed it in this stream and the endpoint url for the API call.我有一个用户流 B2C_1_singupsingin1 我添加了一个 api 连接器,将它嵌入到这个流和 API 调用的端点 url 中。 Used article: https://docs.microsoft.com/en-us/azure/active-directory-b2c/add-api-connector-token-enrichment?pivots=b2c-user-flow
二手文章: https : //docs.microsoft.com/en-us/azure/active-directory-b2c/add-api-connector-token-enrichment?pivots=b2c-user-flow
It is clear from the article that the API connector materializes as an HTTP POST request, sending custom attributes.从文章中可以清楚地看出,API 连接器具体化为 HTTP POST 请求,发送自定义属性。
My web api has an endpoint with the code:我的 web api 有一个带有代码的端点:
[HttpPost("enrich")]
public IActionResult Enrich([FromBody] JsonElement body)
{
var responseProperties = new Dictionary<string, object> //for example
{
{ "version", "1.0.0" },
{ "action", "Continue" },
{ "postalCode", "12349" },
{ "userId", 123 }
};
return new JsonResult(responseProperties) { StatusCode = 200 };
}
When I start a custom flow everything works, I get to that endpoint in api.当我开始自定义流程时,一切正常,我在 api 中到达该端点。 But there is a problem JsonElement body does't contain custom attributes.
但是有一个问题 JsonElement body 不包含自定义属性。 Inside I see
body.ValueKind = Undefined
.在里面我看到
body.ValueKind = Undefined
。 Tell me what am I doing wrong?告诉我我做错了什么?
Also, after all, I wanted to add a custom "userId" claim with some value from my database.此外,毕竟,我想添加一个自定义的“userId”声明,其中包含我的数据库中的一些值。 So that it is contained in the token issued in the subsequent.
以便它包含在随后发行的令牌中。 Would the code above be correct for this?
上面的代码对此是否正确?
Your code is fine.你的代码没问题。 Just add " extension_ " in front of postalCode and userId.
只需在 postalCode 和 userId 前面添加“ extension_ ”。
[HttpPost("log")]
public IActionResult Log([FromBody] JsonElement body)
{
var responseProperties = new Dictionary<string, object>
{
{ "version", "1.0.0" },
{ "action", "Continue" },
{ "extension_Role", "admin" },
};
return new JsonResult(responseProperties) { StatusCode = 200 };
}
In my Azure AD B2C I have a custom attribute called "Role".在我的 Azure AD B2C 中,我有一个名为“角色”的自定义属性。
But in debug mode I saw that for all the custom attributes extension_ is set as prefix...但是在调试模式下,我看到所有自定义属性extension_都设置为前缀...
So by adding this to responseProperties it seems to be working.因此,通过将其添加到 responseProperties 似乎可以正常工作。
I solved the problem a long time ago, but maybe my experience will help someone.我很久以前就解决了这个问题,但也许我的经验会对某人有所帮助。 First part of the question:
问题的第一部分:
"The body of the JsonElement contains no custom attributes. Inside I see body.ValueKind = Undefined"
“JsonElement 的主体不包含自定义属性。在里面我看到 body.ValueKind = Undefined”
What was the problem.出了什么问题。 To support HTTP Patch requests, I added the NewtonsoftJson package and configuration to Startup:
为了支持 HTTP 补丁请求,我在 Startup 中添加了 NewtonsoftJson 包和配置:
services.AddControllers().AddNewtonsoftJson(x =>
{
x.SerializerSettings.ReferenceLoopHandling = ReferenceLoopHandling.Ignore;
});
But I didn't consider that AddNewtonsoftJson replaces the System.Text.Json-based input and output formatters used for formatting all JSON content.但我没有考虑到 AddNewtonsoftJson 取代了用于格式化所有 JSON 内容的基于 System.Text.Json 的输入和输出格式化程序。 Because of this I was getting the above problem.
因此,我遇到了上述问题。 Solution from Microsoft documentation
Microsoft 文档中的解决方案
The solution to the second part of the question with a custom claims was provided by Steffen . Steffen提供了带有自定义声明的问题第二部分的解决方案。 You just need to add extension_ prefix to claim.
您只需要添加extension_前缀即可声明。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.