AADB2C90304:用户旅程进入错误 state。在编排步骤中找不到 ID 为“LocalAccountSigninEmailExchange”的声明交换
[英]AADB2C90304: User journey went into a bad state. Claims exchange with id 'LocalAccountSigninEmailExchange' could not be found in orchestration step
问题描述
我有一个基于SocialAndLocal示例的自定义策略。
它在前面添加了 2 个 ClaimsTransformation 步骤。 这是第 3 步和第 4 步:
<OrchestrationStep Order="3" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
<ClaimsProviderSelections>
<ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange" />
<ClaimsProviderSelection TargetClaimsExchangeId="ForgotPasswordExchange" />
<ClaimsProviderSelection TargetClaimsExchangeId="Social1Exchange" />
<ClaimsProviderSelection TargetClaimsExchangeId="Social2Exchange" />
<ClaimsProviderSelection TargetClaimsExchangeId="AdTesttenantExchange" />
</ClaimsProviderSelections>
<ClaimsExchanges>
<ClaimsExchange Id="LocalAccountSigninEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="4" Type="ClaimsExchange">
<Preconditions>
<Precondition Type="ClaimsExist" ExecuteActionsIf="true">
<Value>objectId</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
</Preconditions>
<ClaimsExchanges>
<ClaimsExchange Id="Social1Exchange" TechnicalProfileReferenceId="Social1Exchange-OpenIdConnect" />
<ClaimsExchange Id="Social2Exchange" TechnicalProfileReferenceId="Social2Exchange-OpenIdConnect" />
<ClaimsExchange Id="AdTesttenantExchange" TechnicalProfileReferenceId="AdTesttenantExchange-OpenIdConnect" />
<ClaimsExchange Id="ForgotPasswordExchange" TechnicalProfileReferenceId="ForgotPassword" />
</ClaimsExchanges>
</OrchestrationStep>
新登录方案工作正常。 但是在随后的登录中,如果用户使用其中一个社交 IDP,他们会收到如下错误:
这没有道理。 为什么 B2C 在步骤 3 中定义时在步骤 4 中查找 LocalAccountSigninEmailExchange?
我试着询问 MSFT 的支持,但到目前为止他们没有帮助(像往常一样)。 也许我可以在这里有更多的运气..
如果有用,我可以提供 Application Insights 跟踪。
2 个解决方案
解决方案1
0 2022-07-04 14:48:28
我发现一个可行的解决方法是将 CombinedSignInAndSignUp 分成两部分。
<OrchestrationStep Order="3" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
<Preconditions>
<Precondition Type="ClaimsExist" ExecuteActionsIf="true">
<Value>whitelabel</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
</Preconditions>
<ClaimsProviderSelections>
<ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange" />
<ClaimsProviderSelection TargetClaimsExchangeId="ForgotPasswordExchange" />
</ClaimsProviderSelections>
<ClaimsExchanges>
<ClaimsExchange Id="LocalAccountSigninEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="4" Type="ClaimsExchange">
<Preconditions>
<Precondition Type="ClaimsExist" ExecuteActionsIf="true">
<Value>whitelabel</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
<Precondition Type="ClaimsExist" ExecuteActionsIf="true">
<Value>objectId</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
</Preconditions>
<ClaimsExchanges>
<ClaimsExchange Id="ForgotPasswordExchange" TechnicalProfileReferenceId="ForgotPassword" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="5" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
<Preconditions>
<Precondition Type="ClaimsExist" ExecuteActionsIf="false">
<Value>whitelabel</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
</Preconditions>
<ClaimsProviderSelections>
<ClaimsProviderSelection TargetClaimsExchangeId="Social1Exchange" />
<ClaimsProviderSelection TargetClaimsExchangeId="Social2Exchange" />
<ClaimsProviderSelection TargetClaimsExchangeId="TesttenantExchange" />
</ClaimsProviderSelections>
</OrchestrationStep>
<OrchestrationStep Order="6" Type="ClaimsExchange">
<Preconditions>
<Precondition Type="ClaimsExist" ExecuteActionsIf="false">
<Value>whitelabel</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>
</Preconditions>
<ClaimsExchanges>
<ClaimsExchange Id="Social1Exchange" TechnicalProfileReferenceId="Social1Exchange-OpenIdConnect" />
<ClaimsExchange Id="Social2Exchange" TechnicalProfileReferenceId="Social2Exchange-OpenIdConnect" />
<ClaimsExchange Id="TesttenantExchange" TechnicalProfileReferenceId="Testtenant-OpenIdConnect" />
</ClaimsExchanges>
</OrchestrationStep>
我仍在等待 MSFT 支持提出解释
解决方案2
0 2023-01-24 18:40:15
当我实施忘记密码时,我遇到了几乎类似的问题,
AADB2C90304: User journey went into a bad state. Claims exchange with id 'SignUpWithLogonEmailExchange' could not be found in orchestration step '2'.
问题可能主要出在 UserJourney 上。 在我的例子中,将 ClaimsExchange Id 的值更改为“SignUpWithLogonEmailExchange”解决了这个问题。
<ClaimsExchanges>
<ClaimsExchange Id="SignUpWithLogonEmailExchange"
如果您命名了其他任何东西。 尝试使用错误消息中提到的 Claim ID 更改 Claim ID。
理想情况下,只有 TechnicalProfileReferenceId 具有重要意义,但由于出现此特定错误,即使 ClaimsExchangeID 在此类情况下也显得很重要。
Setting.RetryLimit 不适用于 CombinedSignInAndSignUp 编排步骤
[英]Setting.RetryLimit not working with CombinedSignInAndSignUp Orchestration Step
无法转换出 state。state 未指向下一个 state
[英]Failed to transition out of the state. The state does not point to a next state
如何修复崩溃 IllegalStateException:设备上的文件系统处于错误状态 state。WorkManager 无法访问应用程序的内部数据存储
[英]How to fix crash IllegalStateException: The file system on the device is in a bad state. WorkManager cannot access the app's internal data store
Airflow 任务卡在“排队”中 state。依赖项阻止任务被安排
[英]Airflow task stuck in 'queued' state. Dependencies Blocking Task From Getting Scheduled
Azure AD B2C - 忘记密码用户之旅 - 不允许使用旧密码?
[英]Azure AD B2C - Forgot Password User Journey - Don't Allow old password?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
在 firebase 分析中使用 user_id 过滤用户旅程
Setting.RetryLimit 不适用于 CombinedSignInAndSignUp 编排步骤
无法转换出 state。state 未指向下一个 state
如何修复崩溃 IllegalStateException:设备上的文件系统处于错误状态 state。WorkManager 无法访问应用程序的内部数据存储
Airflow 任务卡在“排队”中 state。依赖项阻止任务被安排
Azure AD B2C - 忘记密码用户之旅 - 不允许使用旧密码?
找不到 pipe“异步”
使用自定义策略从 SPA 触发 AADB2C 密码更改
在 Step 函数中访问 Map State ( item )
aws 步函数/状态机,你可以启动并忘记吗?
相关标签