azuread oauth redirect_uri查詢參數

Question

是否可以將自定義查詢參數添加到AzureAD OAuth流的redirect_uri中？

我們已經嘗試過，但是當OAuth流重定向回redirect_uri時，我們添加的任何查詢參數都已被剝離。我想知道是否有一種方法來配置AzureAD應用程序來保持這種自定義查詢參數

Answer 1

是否可以將自定義查詢參數添加到AzureAD OAuth流的redirect_uri？

是的，如果您將Azure AD與OWIN集成，則很容易添加自定義查詢參數。這個問題也被討論here，這是供你參考代碼示例：

在Startup.Auth.cs，設置如下面的OpenIdConnectAuthenticationOptions：

app.UseOpenIdConnectAuthentication(
    new OpenIdConnectAuthenticationOptions 
    { 
    //... 
    Notifications = new OpenIdConnectAuthenticationNotifications 
    { 
     RedirectToIdentityProvider = OnRedirectToIdentityProvider, 
     MessageReceived = OnMessageReceived 
    }, 
    }); 

注入的自定義參數使用RedirectToIdentityProvider：

private Task OnRedirectToIdentityProvider(RedirectToIdentityProviderNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification) 
{ 
    var stateQueryString = notification.ProtocolMessage.State.Split('='); 
    var protectedState = stateQueryString[1]; 
    var state = notification.Options.StateDataFormat.Unprotect(protectedState); 
    state.Dictionary.Add("mycustomparameter", "myvalue"); 
    notification.ProtocolMessage.State = stateQueryString[0] + "=" + notification.Options.StateDataFormat.Protect(state); 
    return Task.FromResult(0); 
} 

然後使用的messageReceived將其解壓：

private Task OnMessageReceived(MessageReceivedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification) 
{ 
    string mycustomparameter; 
    var protectedState = notification.ProtocolMessage.State.Split('=')[1]; 
    var state = notification.Options.StateDataFormat.Unprotect(protectedState); 
    state.Dictionary.TryGetValue("mycustomparameter", out mycustomparameter); 
    return Task.FromResult(0); 
}