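Updating claims with Azure B2C / .NET Core
I have spent some time getting my MVC 6 .NET Core website working with Azure B2C, and everything seems to be going well. However, there are a few questions around claims for which I can't seem to figure out the right strategy.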
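Say a user signs up on my website with email, first name, and last name. Once the sign-up is complete, I want to add a record to the UserProfile table in my database that references this user.
Question 1: Should I create a "UserProfileId" claim in Azure B2C? Or should I create an "ObjectId" field in my database table that references the AD user? Which would make more sense?
Question 2: Once the user has signed up, where and how do I update the AD user's claims? Would I do it in one of these events? Or somewhere else? I see there is a "User is new" claim; can I check that?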
OnAuthenticationValidated
OnAuthorizationCodeReceived
OnRedirectToAuthenticationEndpoint
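Question 3: To update the claims, would I use Microsoft.Azure.ActiveDirectory.GraphClient? Does anyone have sample code showing how to update custom claims? I tried this, but it doesn't seem to persist: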
var identity = context.AuthenticationTicket.Principal.Identity as ClaimsIdentity;
identity?.AddClaim(new Claim("EmployeeId", "33"));
Here is my authentication configuration. Thanks!!!!!
public void ConfigureAuth(IApplicationBuilder app, IOptions<PolicySettings> policySettings, AuthenticationHelper authHelper)
{
    app.UseCookieAuthentication(options =>
    {
        options.AutomaticAuthenticate = true;
        options.AutomaticChallenge = true;
        options.AccessDeniedPath = "/Home/Forbidden";
        options.CookieSecure = CookieSecureOption.Always;
        options.ExpireTimeSpan = TimeSpan.FromHours(1);
        options.SlidingExpiration = true;
    });
    app.UseOpenIdConnectAuthentication(options =>
    {
        options.PostLogoutRedirectUri = policySettings.Value.PostLogoutRedirectUri;
        options.AutomaticAuthenticate = true;
        options.AutomaticChallenge = true;
        options.ClientId = policySettings.Value.ClientId;
        options.CallbackPath = new PathString("/signin-mysite");
        options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.Scope.Add("openid");
        options.Scope.Add("profile");
        options.Scope.Add("email");
        options.ResponseType = OpenIdConnectResponseTypes.IdToken;
        options.Authority = string.Format(CultureInfo.InvariantCulture, "{0}/{1}", policySettings.Value.AadInstance, policySettings.Value.Tenant);
        options.Events = new OpenIdConnectEvents
        {
            OnAuthenticationValidated = OnAuthenticationValidated,
            OnAuthorizationCodeReceived = OnAuthorizationCodeReceived,
            OnAuthenticationFailed = OnAuthenticationFailed,
            OnRedirectToAuthenticationEndpoint = OnRedirectToAuthenticationEndpoint
        };
        options.ConfigurationManager = new PolicyConfigurationManager(
            String.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}/{3}", policySettings.Value.AadInstance, policySettings.Value.Tenant, "v2.0", OpenIdProviderMetadataNames.Discovery),
            new string[] { policySettings.Value.SignUpInPolicyId, policySettings.Value.ProfilePolicyId, policySettings.Value.PasswordPolicyId });
    });
}