无法将查询参数传递给azure-ad-b2c自定义策略和存储值

Question

我有一个场景，我必须将URL中的查询参数传递给我的自定义注册策略，到目前为止，我所有的尝试都不起作用。按照我在github中找到的指导原则，我似乎遗漏了一些东西。我正在尝试传递LoyaltyNumber，并且在我的策略中将此属性定义为extension_LoyaltyNumber。下面是代码片段

我的自定义注册策略

<RelyingParty>
<DefaultUserJourney ReferenceId="SignUp" />
<UserJourneyBehaviors>
   <ContentDefinitionParameters>
    <Parameter Name="LoyaltyNumber">{OAUTH-KV:LoyaltyNumber}</Parameter>
  </ContentDefinitionParameters>
</UserJourneyBehaviors>
<TechnicalProfile Id="PolicyProfile">
  <DisplayName>PolicyProfile</DisplayName>
  <Protocol Name="OpenIdConnect" />
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="email" />
    <InputClaim ClaimTypeReferenceId="extension_LoyaltyNumber" /> 
  </InputClaims>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="displayName" />
    <OutputClaim ClaimTypeReferenceId="givenName" />
    <OutputClaim ClaimTypeReferenceId="surname" />
    <OutputClaim ClaimTypeReferenceId="signInNames.emailAddress" PartnerClaimType="email" />
    <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub"/>
    <OutputClaim ClaimTypeReferenceId="tenantId" AlwaysUseDefaultValue="true" DefaultValue="{Policy:TenantObjectId}" />
    <OutputClaim ClaimTypeReferenceId="extension_ValidPassword" />
    <OutputClaim ClaimTypeReferenceId="extension_LoyaltyNumber" AlwaysUseDefaultValue="true"/>
  </OutputClaims>
  <SubjectNamingInfo ClaimType="sub" />
</TechnicalProfile>

在我的TrustFrameworkExtension.xml中，我在本地帐户中定义了它，如下所示

<ClaimsProvider>
      <DisplayName>Local Account</DisplayName>
      <TechnicalProfiles>
        <!--Local account sign-up page-->
        <TechnicalProfile Id="LocalAccountSignUpWithLogonEmail">
        <Metadata>
            <Item Key="IncludeClaimResolvingInClaimsHandling">true</Item>
        </Metadata>
       <InputClaims>
           <InputClaim ClaimTypeReferenceId="extension_LoyaltyNumber" AlwaysUseDefaultValue="true" DefaultValue="{OAUTH-K:LoyaltyNumber}" />
         </InputClaims>                                                                      
          <OutputClaims>
            <OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="Verified.Email" Required="true" />
            <OutputClaim ClaimTypeReferenceId="newPassword" Required="true" />
            <OutputClaim ClaimTypeReferenceId="reenterPassword" Required="true" />
            <OutputClaim ClaimTypeReferenceId="displayName" />
            <OutputClaim ClaimTypeReferenceId="givenName" />
            <OutputClaim ClaimTypeReferenceId="surName" />
        </OutputClaims>
      </TechnicalProfile>

       <TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email">
           <Metadata>
            <Item Key="setting.showSignupLink">false</Item>
          </Metadata>
        </TechnicalProfile>
       
      </TechnicalProfiles>
    </ClaimsProvider>

我也把它放在了大楼区……

<BuildingBlocks>
    <ClaimsSchema>
      <ClaimType Id="extension_LoyaltyNumber">
        <DisplayName>Loyality-Number</DisplayName>
        <DataType>string</DataType>
        <UserHelpText>Your loyality from your membership card</UserHelpText>
      </ClaimType>
  </ClaimsSchema>
  </BuildingBlocks>

我还可以将它写入Azure Active Directory声明提供程序部分，如下所示

<ClaimsProvider>
      <DisplayName>Azure Active Directory</DisplayName>
      <TechnicalProfiles>
        <TechnicalProfile Id="AAD-Common">
          <Metadata>
            <!--Insert b2c-extensions-app application ID here, for example: 11111111-1111-1111-1111-111111111111-->  
            <Item Key="ClientId">11111111-1111-1111-1111-111111111111</Item>
            <!--Insert b2c-extensions-app application ObjectId here, for example: 22222222-2222-2222-2222-222222222222-->
            <Item Key="ApplicationObjectId">22222222-2222-2222-2222-222222222222</Item>
          </Metadata>
        </TechnicalProfile>

        <TechnicalProfile Id="AAD-UserWriteUsingLogonEmail">
          <PersistedClaims>
            <PersistedClaim ClaimTypeReferenceId="extension_LoyaltyNumber" />
          </PersistedClaims>
        </TechnicalProfile>

        <TechnicalProfile Id="AAD-UserReadUsingObjectId">
          <OutputClaims>
            <OutputClaim ClaimTypeReferenceId="extension_LoyaltyNumber" />
          </OutputClaims>
        </TechnicalProfile>

      </TechnicalProfiles> 
    </ClaimsProvider>

并使用以下方法从我的web应用程序进行重定向

public void SignUpNewUser()
        {
            if (!Request.IsAuthenticated)
            {
                var authenticationProperties = new AuthenticationProperties();
                authenticationProperties.Dictionary.Add("LoyaltyNumber", "556677");
                authenticationProperties.RedirectUri = "/";
                HttpContext.GetOwinContext().Authentication.Challenge(authenticationProperties, Startup.SignUpPolicyId);

            }
        }

我在用户注册自定义属性extension_LoyaltyNumber后得到的结果是{OAUTH-K:LoyaltyNumber}

不知何故，我作为查询参数传递的值556677没有到达这个自定义属性，也没有存储在Azure用户属性中

你能帮上忙吗？

谢谢

Answer 1

添加

<OutputClaim ClaimTypeReferenceId="extension_LoyaltyNumber" />

敬LocalAccountSignUpWithLogonEmail。输出声明允许在后续编排步骤中使用声明。

在<RelyingParty>部分中，将您的输出声明更改为以下内容，它已经解决了，因此不需要在这里再次解决它：

<OutputClaim ClaimTypeReferenceId="extension_LoyaltyNumber" />

Answer 2

当我想要处理查询字符串参数时，我所做的是：

创建TechnicalProfile：

  <TechnicalProfile Id="GetMyParameter">
    <DisplayName>GetMyParameter</DisplayName>
    <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.ClaimsTransformationProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
    <Metadata>
        <Item Key="IncludeClaimResolvingInClaimsHandling">true</Item>
    </Metadata>
    <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="myParameter" AlwaysUseDefaultValue="true" DefaultValue="{OAUTH-KV:myparameter}" />
    </OutputClaims>
  </TechnicalProfile>

然后在需要索赔值之前在OrchestrationStep中运行该配置文件(它可以是第一个，也可以是后面的某个地方，据我所知，这并不重要)。

您可以在技术配置文件中有任意多的参数。每次都有效，如果不提供值就不会崩溃。