AADB2C90304: User journey went into a bad state. Claims exchange with id 'LocalAccountSigninEmailExchange' could not be found in orchestration step
I have a custom policy based on the SocialAndLocal sample.
It adds 2 ClaimsTransformation steps at the front. Here are steps 3 and 4:
<OrchestrationStep Order="3" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
  <ClaimsProviderSelections>
    <ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange" />
    <ClaimsProviderSelection TargetClaimsExchangeId="ForgotPasswordExchange" />
    <ClaimsProviderSelection TargetClaimsExchangeId="Social1Exchange" />
    <ClaimsProviderSelection TargetClaimsExchangeId="Social2Exchange" />
    <ClaimsProviderSelection TargetClaimsExchangeId="AdTesttenantExchange" />
  </ClaimsProviderSelections>
  <ClaimsExchanges>
    <ClaimsExchange Id="LocalAccountSigninEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email" />
  </ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="4" Type="ClaimsExchange">
  <Preconditions>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>objectId</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsExchanges>
    <ClaimsExchange Id="Social1Exchange" TechnicalProfileReferenceId="Social1Exchange-OpenIdConnect" />
    <ClaimsExchange Id="Social2Exchange" TechnicalProfileReferenceId="Social2Exchange-OpenIdConnect" />
    <ClaimsExchange Id="AdTesttenantExchange" TechnicalProfileReferenceId="AdTesttenantExchange-OpenIdConnect" />
    <ClaimsExchange Id="ForgotPasswordExchange" TechnicalProfileReferenceId="ForgotPassword" />
  </ClaimsExchanges>
</OrchestrationStep>
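The new sign-in scenario works fine. But on subsequent sign-ins, if the user uses one of the social IDPs, they get an error like the following:
This makes no sense. Why is B2C looking for LocalAccountSigninEmailExchange in step 4 when it is defined in step 3?
I tried asking MSFT support, but so far they have not been helpful (as usual). Maybe I will have better luck here..
I can provide the Application Insights trace if that helps.
One workaround I found that works is to split the CombinedSignInAndSignUp into two parts.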
<OrchestrationStep Order="3" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
  <Preconditions>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>whitelabel</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsProviderSelections>
    <ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange" />
    <ClaimsProviderSelection TargetClaimsExchangeId="ForgotPasswordExchange" />
  </ClaimsProviderSelections>
  <ClaimsExchanges>
    <ClaimsExchange Id="LocalAccountSigninEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email" />
  </ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="4" Type="ClaimsExchange">
  <Preconditions>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>whitelabel</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>objectId</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsExchanges>
    <ClaimsExchange Id="ForgotPasswordExchange" TechnicalProfileReferenceId="ForgotPassword" />
  </ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="5" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
  <Preconditions>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="false">
      <Value>whitelabel</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsProviderSelections>
    <ClaimsProviderSelection TargetClaimsExchangeId="Social1Exchange" />
    <ClaimsProviderSelection TargetClaimsExchangeId="Social2Exchange" />
    <ClaimsProviderSelection TargetClaimsExchangeId="TesttenantExchange" />
  </ClaimsProviderSelections>
</OrchestrationStep>
<OrchestrationStep Order="6" Type="ClaimsExchange">
  <Preconditions>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="false">
      <Value>whitelabel</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsExchanges>
    <ClaimsExchange Id="Social1Exchange" TechnicalProfileReferenceId="Social1Exchange-OpenIdConnect" />
    <ClaimsExchange Id="Social2Exchange" TechnicalProfileReferenceId="Social2Exchange-OpenIdConnect" />
    <ClaimsExchange Id="TesttenantExchange" TechnicalProfileReferenceId="Testtenant-OpenIdConnect" />
  </ClaimsExchanges>
</OrchestrationStep>
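I am still waiting for MSFT support to come up with an explanation.
When I implemented forgot password, I ran into an almost identical problem: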
AADB2C90304: User journey went into a bad state. Claims exchange with id 'SignUpWithLogonEmailExchange' could not be found in orchestration step '2'.
The problem is probably mainly in the UserJourney. In my case, changing the value of the ClaimsExchange Id to "SignUpWithLogonEmailExchange" fixed the problem.
<ClaimsExchanges>
<ClaimsExchange Id="SignUpWithLogonEmailExchange"
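If you have named it anything else, try changing the claim ID to the one mentioned in the error message.
Ideally, only the TechnicalProfileReferenceId should matter, but because of this particular error, even the ClaimsExchange Id seems to matter in cases like this.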
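A pre-upload check for the id references discussed in this thread, as an added example that is not code from any of the posts. It assumes the documented ClaimsProviderSelection semantics (ValidationClaimsExchangeId resolves in the same orchestration step, TargetClaimsExchangeId in the next one); `lint_journeys` and the sample journey are hypothetical names and constructed input.

```python
import xml.etree.ElementTree as ET

def _local(tag):
    # Real policy files put a namespace on every element; compare local names only.
    return tag.rsplit("}", 1)[-1]

def _exchange_ids(step):
    return {e.get("Id") for e in step.iter() if _local(e.tag) == "ClaimsExchange"}

def lint_journeys(xml_text):
    """Return one finding per ClaimsProviderSelection id that does not resolve."""
    findings = []
    root = ET.fromstring(xml_text)
    for container in (c for c in root.iter() if _local(c.tag) == "OrchestrationSteps"):
        steps = sorted(container, key=lambda s: int(s.get("Order")))
        for i, step in enumerate(steps):
            here = _exchange_ids(step)
            nxt = _exchange_ids(steps[i + 1]) if i + 1 < len(steps) else set()
            checks = (("ValidationClaimsExchangeId", here, "this step"),
                      ("TargetClaimsExchangeId", nxt, "the next step"))
            for sel in (s for s in step.iter() if _local(s.tag) == "ClaimsProviderSelection"):
                for attr, ids, where in checks:
                    ref = sel.get(attr)
                    if ref is not None and ref not in ids:
                        findings.append(f"step {step.get('Order')}: {attr}='{ref}' "
                                        f"has no ClaimsExchange in {where}")
    return findings

# Constructed sample: step 3's exchange Id is misspelled and step 4 lacks ForgotPasswordExchange.
SAMPLE = """<OrchestrationSteps>
  <OrchestrationStep Order="3" Type="CombinedSignInAndSignUp">
    <ClaimsProviderSelections>
      <ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange" />
      <ClaimsProviderSelection TargetClaimsExchangeId="ForgotPasswordExchange" />
      <ClaimsProviderSelection TargetClaimsExchangeId="Social1Exchange" />
    </ClaimsProviderSelections>
    <ClaimsExchanges>
      <ClaimsExchange Id="LocalAccountSigninExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email" />
    </ClaimsExchanges>
  </OrchestrationStep>
  <OrchestrationStep Order="4" Type="ClaimsExchange">
    <ClaimsExchanges>
      <ClaimsExchange Id="Social1Exchange" TechnicalProfileReferenceId="Social1Exchange-OpenIdConnect" />
    </ClaimsExchanges>
  </OrchestrationStep>
</OrchestrationSteps>"""

if __name__ == "__main__":
    print("\n".join(lint_journeys(SAMPLE)))
```

An empty result only means the ids line up statically; steps skipped by preconditions at run time are not modelled.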