
Handle password reset with Azure B2C in .Net Core Web Api

I'm building a web API that allows users to sign in or sign up with Azure B2C. I'm using the sign-up or sign-in policy, which gives me a "Forgot your password?" link. Clicking on this link gives me an access_denied with an error description of AADB2C90118.

How do I handle this error in my web API?

Note: I'm using a customized authentication UI for the sign-in/sign-up form.

Take a look at the wingtips sample.

Note that this mainly shows that your application needs to do a redirect when this error occurs. Not sure what role you want your API to play.

Specifically look for the error code AADB2C90118 you mentioned: https://github.com/Azure-Samples/active-directory-b2c-advanced-policies/search?utf8=%E2%9C%93&q=AADB2C90118&type=

Controller action to handle the reset:

https://github.com/Azure-Samples/active-directory-b2c-advanced-policies/blob/master/wingtipgamesb2c/src/WingTipIdentityWebApplication/Api/Controllers/AccountController.cs#L252

Some code taken from there:

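        // using System.Threading.Tasks; (at the top of the file)
        options = new OpenIdConnectAuthenticationOptions
        {
            Notifications = new OpenIdConnectAuthenticationNotifications()
            {
                AuthenticationFailed = context =>
                {
                    // Stop the middleware's default failure handling; we respond ourselves.
                    context.HandleResponse();

                    // B2C reports the "Forgot your password?" link as access_denied + AADB2C90118.
                    // ErrorDescription can be null, so guard the prefix check.
                    if (context.ProtocolMessage.Error == "access_denied" &&
                        context.ProtocolMessage.ErrorDescription?.StartsWith("AADB2C90118") == true)
                    {
                        context.Response.Redirect("/Account/ResetPassword");
                    }

                    // Other failures are not handled in this excerpt.
                    return Task.FromResult(0);
                }
            }
        };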

And

        // using System; using System.Threading.Tasks; (at the top of the file)
        var openIdConnectAuthenticationOptions = new OpenIdConnectOptions
        {
            [...]
            Events = new OpenIdConnectEvents
            {
                OnRemoteFailure = context =>
                {
                    [...]
                    // Handle the error that is raised when a user has requested to recover a password.
                    if (!string.IsNullOrEmpty(context.Failure.Message) &&
                        context.Failure.Message.Contains("access_denied") &&
                        context.Failure.Message.Contains("AADB2C90118"))
                    {
                        // URL-encode the value so it survives as a single query parameter.
                        var returnUrl = Uri.EscapeDataString(Convert.ToString(context.HttpContext.Items["redirect_uri"]));
                        context.Response.Redirect($"/Account/RecoverPassword?ReturnUrl={returnUrl}");
                        context.HandleResponse();
                    }

                    return Task.CompletedTask;
                }
            }
        };
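
The redirect above needs an action on the receiving end. The following is an added example, not part of the original answer or the wingtips sample: an ASP.NET Core `RecoverPassword` action that treats `ReturnUrl` as untrusted input and then starts the password-reset flow. The policy name `B2C_1_password_reset` and the `"Policy"` properties key are assumptions; an `OnRedirectToIdentityProvider` handler in your OpenID Connect setup is assumed to read that key and target the reset policy.

```csharp
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Mvc;

public class AccountController : Controller
{
    // Assumption: the name of the password-reset policy in your B2C tenant.
    private const string ResetPolicy = "B2C_1_password_reset";

    // Assumption: key that your OnRedirectToIdentityProvider handler looks up
    // to decide which B2C policy the authorization request should use.
    private const string PolicyKey = "Policy";

    [HttpGet]
    public IActionResult RecoverPassword(string returnUrl = null)
    {
        // ReturnUrl arrives in the query string, so anyone can set it.
        // Honour it only when it is a local path; otherwise fall back to "/"
        // so the post-reset redirect cannot leave this application.
        var target = Url.IsLocalUrl(returnUrl) ? returnUrl : "/";

        var properties = new AuthenticationProperties { RedirectUri = target };
        properties.Items[PolicyKey] = ResetPolicy;

        // Issues the OpenID Connect challenge; the middleware builds the
        // authorization request and sends the browser to Azure AD B2C.
        return Challenge(properties, OpenIdConnectDefaults.AuthenticationScheme);
    }
}
```

`Url.IsLocalUrl` returns false for null, empty and absolute URLs, so an absolute `redirect_uri` passed through from the failure handler ends up at `/` after the reset.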
