本文介绍了Azure-AD-B2C令牌格式的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我们构建了一个调用COSMOS DB的服务,用于在ID令牌中发送自定义声明。REST API的输出符合下面预期的令牌格式

{"personalAttributes":{"guid":"1b92e96e28b14737acac11d23dcdd3d0","familyName":"ABC","givenName":"PQR","name":"PQR","preferredUserName":"PQR","upn":"[email protected]",
"physicalLocation":"London, UK"
"roles":"Engineer","Engineer","Engineer",
"scopes":{"scopeName":"Application 2 - Pipe Spool install","initiative":"nan","operation":"nan","WBS":"nan"},
{"roleName":"Engineer","jobPosition":"Engineer","rolePermissions":"read, report, archive"},
{"roleName":"Engineer","jobPosition":"Engineer","rolePermissions":"read, report, archive"},
{"roleName":"Engineer","jobPosition":"Engineer","rolePermissions":"read, report, archive"}}
但是,当B2C在ID令牌中包含此内容时,它将附加/AND。我们尝试格式化输出,这导致B2C甚至不生成ID令牌。请告诉我们如何克服这一问题

TIA

推荐答案

看起来您正在尝试请求B2C将复杂对象输出为声明值。这是不受支持的,因此B2C将对象转换为字符串-产生您所看到的转义的JSON数据。

编辑以增加清晰度:从CosmosDB返回的personalAttributes值不是您在ClaimsSchema中定义的StringCollection(数组)。它是一个JSON对象。B2C不支持对象声明类型-您需要从对象中提取所需的精确值。

这篇关于Azure-AD-B2C令牌格式的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

10-24 20:48