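Updating claims with Azure B2C / .NET Core
I have spent some time getting my MVC 6 .NET Core website working with Azure B2C, and everything seems to be going well. However, there are a few questions around claims for which I can't seem to figure out the right strategy.
Say a user registers on my website with an email, first name and last name. Once registration is complete, I want to add a record to the UserProfile table in my database that references this user.
Question 1: Should I create a "UserProfileId" claim in Azure B2C? Or should I create an "ObjectId" field in my database table that references the AD user? What would make more sense?
Question 2: Once the user registers, where and how do I update the AD user's claims? Would I do it in one of these events? Or somewhere else? I see there is a "user is new" claim; can I check that?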
OnAuthenticationValidated
OnAuthorizationCodeReceived
OnRedirectToAuthenticationEndpoint
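Question 3: To update the claims, would I use Microsoft.Azure.ActiveDirectory.GraphClient? Does anyone have sample code showing how to update custom claims? I tried this, but it doesn't seem to persist: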
    var identity = context.AuthenticationTicket.Principal.Identity as ClaimsIdentity;
    identity?.AddClaim(new Claim("EmployeeId", "33"));
Here is my authentication configuration. Thanks!!!!!
    public void ConfigureAuth(IApplicationBuilder app, IOptions<PolicySettings> policySettings, AuthenticationHelper authHelper)
    {
        // Cookie middleware: holds the local session once sign-in completes.
        app.UseCookieAuthentication(options =>
        {
            options.AutomaticAuthenticate = true;
            options.AutomaticChallenge = true;
            options.AccessDeniedPath = "/Home/Forbidden";
            options.CookieSecure = CookieSecureOption.Always;
            options.ExpireTimeSpan = TimeSpan.FromHours(1);
            options.SlidingExpiration = true;
        });

        // OpenID Connect middleware: signs the validated user into the cookie scheme above.
        app.UseOpenIdConnectAuthentication(options =>
        {
            options.PostLogoutRedirectUri = policySettings.Value.PostLogoutRedirectUri;
            options.AutomaticAuthenticate = true;
            options.AutomaticChallenge = true;
            options.ClientId = policySettings.Value.ClientId;
            options.CallbackPath = new PathString("/signin-mysite");
            options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.Scope.Add("openid");
            options.Scope.Add("profile");
            options.Scope.Add("email");
            // Only an id_token is requested in the authentication response.
            options.ResponseType = OpenIdConnectResponseTypes.IdToken;
            options.Authority = string.Format(CultureInfo.InvariantCulture, "{0}/{1}", policySettings.Value.AadInstance, policySettings.Value.Tenant);
            options.Events = new OpenIdConnectEvents
            {
                OnAuthenticationValidated = OnAuthenticationValidated,
                OnAuthorizationCodeReceived = OnAuthorizationCodeReceived,
                OnAuthenticationFailed = OnAuthenticationFailed,
                OnRedirectToAuthenticationEndpoint = OnRedirectToAuthenticationEndpoint
            };
            // Metadata endpoint is built from the instance, tenant, "v2.0" and the discovery path,
            // with the sign-up/sign-in, profile and password policy IDs passed alongside.
            options.ConfigurationManager = new PolicyConfigurationManager(
                String.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}/{3}", policySettings.Value.AadInstance, policySettings.Value.Tenant, "v2.0", OpenIdProviderMetadataNames.Discovery),
                new string[] { policySettings.Value.SignUpInPolicyId, policySettings.Value.ProfilePolicyId, policySettings.Value.PasswordPolicyId });
        });
    }