[英]How to set up a Sign In only Azure B2C user flow policy? Getting HTTP401 error
在我的 AccountController 中,我有以下方法:
/*
* Called when requesting to sign up or sign in
*/
public void SignUpSignIn(string redirectUrl)
{
redirectUrl = redirectUrl ?? "/";
// Use the default policy to process the sign up / sign in flow
HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = redirectUrl });
return;
}
/*
* Called when requesting to sign up
*/
public void SignUp()
{
// Use the default policy to process the sign up flow
HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = "/" }, Globals.SignUpPolicyId);
return;
}
UserFlow 在 Azure 内部设置,称为B2C_1_signup ,这就是Globals.SignUpPolicyId的计算结果。 然而,每当我对其进行测试时,都会收到HTTP 401 错误。
这是创建我的按钮/链接的 razor 代码:
@Html.ActionLink("Sign Up!", "SignUp", "Account", routeValues: null, htmlAttributes: new { id = "signUpLink", @class = "btn btn-default" })
每当我在 B2C 租户内部测试 Microsoft 提供的链接时,它都会正确显示注册页面。
这是 Microsoft 提供的用于测试的清理链接:
https://mytenantname.b2clogin.com/mytenantname.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_signup&client_id=RANDOM_GUID&nonce=defaultNonce&redirect_uri=http%3A%2F%2Flocalhost%3A1111&scope=openid&response_type=id_token&prompt=login
我错过了什么??
• 帐户 controller 中定义的重定向 URI 字符串应在应用程序配置设置中定义为私有 static 字符串,B2C 策略应定义为与公共 static 字符串不同的标识符,因此在用户流期间,身份验证重定向将通过引用发生相关的应用程序配置字符串,而不是在 controller 文件本身中找到它。 由于与浏览器 session 相关的身份验证问题,您遇到 HTTP 401 错误。
请在下面找到调用 Azure AD B2C 策略的应用程序 controller 示例方法,该策略按照以下定义正确工作,用于注册、登录和要验证的用户配置文件:-
public class AccountController : Controller
{
public void SignIn()
{
if (!Request.IsAuthenticated)
{
// To execute a policy, you simply need to trigger an OWIN challenge.
// You can indicate which policy to use by specifying the policy id as the AuthenticationType
HttpContext.GetOwinContext().Authentication.Challenge(
new AuthenticationProperties() { RedirectUri = "/" }, Startup.SignInPolicyId);
}
}
public void SignUp()
{
if (!Request.IsAuthenticated)
{
HttpContext.GetOwinContext().Authentication.Challenge(
new AuthenticationProperties() { RedirectUri = "/" }, Startup.SignUpPolicyId);
}
}
public void Profile()
{
if (Request.IsAuthenticated)
{
HttpContext.GetOwinContext().Authentication.Challenge(
new AuthenticationProperties() { RedirectUri = "/" }, Startup.ProfilePolicyId);
}
}
public void SignOut()
{
// To sign out the user, you should issue an OpenIDConnect sign out request
if (Request.IsAuthenticated)
{
IEnumerable<AuthenticationDescription> authTypes = HttpContext.GetOwinContext().Authentication.GetAuthenticationTypes();
HttpContext.GetOwinContext().Authentication.SignOut(authTypes.Select(t => t.AuthenticationType).ToArray());
}
}
}
另外,请参阅以下链接以获取更多详细信息:-
https://bitoftech.net/2016/08/31/integrate-azure-ad-b2c-asp.net-mvc-web-app/
另外,找到下面的 gif output 以供参考:-
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.