
Azure B2C session causes unexpected flow

Reprinted. Author: 行者123. Last updated: 2023-12-02 07:43:16

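Can someone help me understand this behaviour of Azure AD B2C and shed light on what I'm not understanding about SSO sessions?

I have a fairly complex custom sign-in policy that includes sub-journeys for custom sign-up and embedded password reset, following the embedded password reset sample. I have a claim signinOption which gets set to SignUp or ForgotPassword depending on the claims provider selection in the CombinedSignInAndSignUp orchestration step. I then check the value of signinOption to decide whether to launch each of the sub-journeys. It all works fine the first time.

My problem arises when using MSAL in React, though I haven't yet pinned down how to reproduce it reliably. It appears that MSAL is sending cookies and B2C is detecting an existing session, so it skips the sign-in screen and drops me into one of the sub-journeys (sign-up or forgot password). Closing the browser doesn't fix it. Every time I launch the web app, it starts the sign-in custom policy and I land on the wrong screen. The only way I've been able to fix that state is to clear the cookies for my B2C tenant domain.

I have a user journey log that I'm hoping someone can help me analyse to work out what's going wrong. In this case, the flow went straight to the forgot password journey. I can see that it executed ForgotPasswordExchange, which set my signinOption claim, and that is what triggered the sub-journey. My question is why it executed ForgotPasswordExchange when the user didn't click "Forgot password" on the sign-in screen, because the sign-in screen was skipped entirely.

Is it somehow remembering this in the session?

Some code to give you an idea of my setup; these are the key parts.

Overriding the forgot password and sign-up links: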

<TechnicalProfile Id="ForgotPassword">
  <DisplayName>Forgot your password?</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.ClaimsTransformationProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="signinOption" DefaultValue="ForgotPassword" AlwaysUseDefaultValue="true"/>
  </OutputClaims>
</TechnicalProfile>
<TechnicalProfile Id="SignUp">
  <DisplayName>Sign up?</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.ClaimsTransformationProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="signinOption" DefaultValue="SignUp" AlwaysUseDefaultValue="true"/>
  </OutputClaims>
</TechnicalProfile>
<TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email">
  <Metadata>
    <Item Key="setting.forgotPasswordLinkOverride">ForgotPasswordExchange</Item>
    <Item Key="SignUpTarget">SignUpExchange</Item>
  </Metadata>
</TechnicalProfile>

My orchestration steps:

<OrchestrationStep Order="1" Type="GetClaims"
                   CpimIssuerTechnicalProfileReferenceId="IdTokenHint_ExtractClaims"/>
<OrchestrationStep Order="2" Type="CombinedSignInAndSignUp"
                   ContentDefinitionReferenceId="api.signuporsignin">
  <Preconditions>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>objectId</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>signinOption</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsProviderSelections DisplayOption="ShowSingleProvider">
    <ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange"/>
    <ClaimsProviderSelection TargetClaimsExchangeId="SignUpExchange"/>
    <ClaimsProviderSelection TargetClaimsExchangeId="ForgotPasswordExchange"/>
  </ClaimsProviderSelections>
  <ClaimsExchanges>
    <ClaimsExchange Id="LocalAccountSigninEmailExchange"
                    TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email"/>
  </ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="3" Type="ClaimsExchange">
  <Preconditions>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>objectId</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>signinOption</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsExchanges>
    <ClaimsExchange Id="SignUpExchange" TechnicalProfileReferenceId="SignUp"/>
    <ClaimsExchange Id="ForgotPasswordExchange" TechnicalProfileReferenceId="ForgotPassword"/>
  </ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="4" Type="InvokeSubJourney">
  <Preconditions>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>objectId</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
    <Precondition Type="ClaimEquals" ExecuteActionsIf="false">
      <Value>signinOption</Value>
      <Value>ForgotPassword</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <JourneyList>
    <Candidate SubJourneyReferenceId="PasswordReset"/>
  </JourneyList>
</OrchestrationStep>
<OrchestrationStep Order="5" Type="InvokeSubJourney">
  <Preconditions>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>objectId</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
    <Precondition Type="ClaimEquals" ExecuteActionsIf="false">
      <Value>signinOption</Value>
      <Value>SignUp</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <JourneyList>
    <Candidate SubJourneyReferenceId="SignUp"/>
  </JourneyList>
</OrchestrationStep>

And the user journey log:

[
{
"Kind": "Headers",
"Content": {
"UserJourneyRecorderEndpoint": "urn:journeyrecorder:applicationinsights",
"CorrelationId": "7fcfa796-ecfe-43df-9e08-ec5317e1beb2",
"EventInstance": "Event:AUTH",
"TenantId": "mytenant.onmicrosoft.com",
"PolicyId": "B2C_1A_Signin"
}
},
{
"Kind": "Transition",
"Content": {
"EventName": "AUTH",
"StateName": "Initial"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.NoOpHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"Statebag": {
"MACHSTATE": {
"c": "2021-06-10T01:13:52.7375163Z",
"k": "MACHSTATE",
"v": "Initial",
"p": true
},
"JC": {
"c": "2021-06-10T01:13:52.7375163Z",
"k": "JC",
"v": "en",
"p": true
},
"ComplexItems": "_MachineEventQ, TCTX"
},
"PredicateResult": "True"
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.OrchestrationManager"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"Statebag": {
"Complex-CLMS": {},
"ORCH_CS": {
"c": "2021-06-10T01:13:52.7375163Z",
"k": "ORCH_CS",
"v": "0",
"p": true
},
"RA": {
"c": "2021-06-10T01:13:52.7375163Z",
"k": "RA",
"v": "0",
"p": true
},
"ComplexItems": "_MachineEventQ, TCTX, ORCH_IDX"
}
}
},
{
"Kind": "Transition",
"Content": {
"EventName": "PreStep",
"StateName": "Initial"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.NoOpHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"PredicateResult": "True"
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.PreSetupHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"Statebag": {
"RPP": {
"c": "2021-06-10T01:13:52.7375163Z",
"k": "RPP",
"v": "OAUTH2",
"p": true
},
"RPIPP": {
"c": "2021-06-10T01:13:52.7375163Z",
"k": "RPIPP",
"v": "OAuth2ProtocolProvider",
"p": true
},
"OTID": {
"c": "2021-06-10T01:13:52.7375163Z",
"k": "OTID",
"v": "mytenant.onmicrosoft.com",
"p": true
},
"APPMV": {
"c": "2021-06-10T01:13:52.7375163Z",
"k": "APPMV",
"v": "V2",
"p": true
}
}
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.InitiatingMessageValidationHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": false,
"RecorderRecord": {
"Values": [
{
"Key": "Validation",
"Value": {
"Values": [
{
"Key": "SubmittedBy",
"Value": "Application"
},
{
"Key": "ProtocolProviderType",
"Value": "OpenIdConnectProtocolProvider"
}
]
}
}
]
},
"Statebag": {
"CT": {
"c": "2021-06-10T01:13:52.8875243Z",
"k": "CT",
"v": "Spa",
"p": true
},
"CC": {
"c": "2021-06-10T01:13:52.8875243Z",
"k": "CC",
"v": "gIsVYH_0vVOTcxFUoYdb9oen4eq6Bfionj1djotzkQ4",
"p": true
},
"CCM": {
"c": "2021-06-10T01:13:52.8875243Z",
"k": "CCM",
"v": "S256",
"p": true
},
"MSG(508dad2b-059e-4fb5-9719-f24c8d5360e8)": {
"c": "2021-06-10T01:13:52.8925242Z",
"k": "MSG(508dad2b-059e-4fb5-9719-f24c8d5360e8)",
"v": "{\"TenantId\":\"mytenant.onmicrosoft.com\",\"PolicyId\":\"B2C_1A_Signin\",\"RedirectUri\":\"https://mywebsite.com.au/\",\"AdditionalParameters\":{\"client-request-id\":\"eb98add7-a02c-3312-a98c-b0f9c6ddeb15\",\"x-client-SKU\":\"msal.js.browser\",\"x-client-VER\":\"2.14.2\",\"x-client-OS\":\"\",\"x-client-CPU\":\"\",\"client_info\":\"1\",\"code_challenge\":\"gIsVYH_0wWOTcxFUoYdb9oen4eq6Bfionj1djotzkQ4\",\"code_challenge_method\":\"S256\"},\"Nonce\":\"41d42929-eabb-45a3-b0f2-743b89247a24\",\"State\":\"eyJpZCI6IjEwOGUyOWUzLTY3YzMtNGQ1OS05YmFkLTBkMWIwN2QyM2ZiOSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0=\",\"ClientId\":\"cb8678e1-0eee-4f6f-868a-72b968b0a8c0\",\"ResponseType\":\"code\",\"ResponseMode\":\"fragment\",\"ResponseRedirector\":{\"URI\":\"https://mywebsite.com.au\",\"D\":false,\"WF\":true},\"Scope\":\"https://mytenant.onmicrosoft.com/api/user.read openid profile offline_access\",\"AppModelVersion\":1,\"ScopedProviders\":[]}",
"p": true,
"t": "OAuth2"
},
"CMESSAGE": {
"c": "2021-06-10T01:13:52.8925242Z",
"k": "CMESSAGE",
"v": "508dad2b-059e-4fb5-9719-f24c8d5360e8",
"p": true
},
"IMESSAGE": {
"c": "2021-06-10T01:13:52.8925242Z",
"k": "IMESSAGE",
"v": "508dad2b-059e-4fb5-9719-f24c8d5360e8",
"p": true
},
"ComplexItems": "_MachineEventQ, TCTX, ORCH_IDX, REPRM, IC"
},
"PredicateResult": "True"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.NoOpHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"PredicateResult": "True"
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.SSO.ResetSSOSessionHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.ClientInputClaimsTransformationHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.OrchestrationManager"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"Statebag": {
"ORCH_CS": {
"c": "2021-06-10T01:13:52.9025365Z",
"k": "ORCH_CS",
"v": "1",
"p": true
}
}
}
},
{
"Kind": "Transition",
"Content": {
"EventName": "GetClaims",
"StateName": "AwaitingNextStep"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.NoOpHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"Statebag": {
"MACHSTATE": {
"c": "2021-06-10T01:13:52.9025365Z",
"k": "MACHSTATE",
"v": "AwaitingNextStep",
"p": true
}
},
"PredicateResult": "True"
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.GetRelyingPartyInputClaimsHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.OrchestrationManager"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"Statebag": {
"ORCH_CS": {
"c": "2021-06-10T01:13:52.9025365Z",
"k": "ORCH_CS",
"v": "2",
"p": true
}
}
}
},
{
"Kind": "Transition",
"Content": {
"EventName": "CombinedSignInAndSignUp",
"StateName": "AwaitingNextStep"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.SSO.IsSSOSessionParticipantHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"PredicateResult": "False"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.HomeRealmDiscoveryHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"RecorderRecord": {
"Values": [
{
"Key": "HomeRealmDiscovery",
"Value": {
"Values": [
{
"Key": "CurrentStep",
"Value": 2
},
{
"Key": "TechnicalProfileEnabled",
"Value": {
"EnabledRule": "Always",
"EnabledResult": true,
"TechnicalProfile": "SelfAsserted-LocalAccountSignin-Email"
}
},
{
"Key": "TechnicalProfileEnabled",
"Value": {
"EnabledRule": "Always",
"EnabledResult": true,
"TechnicalProfile": "SignUp"
}
},
{
"Key": "TechnicalProfileEnabled",
"Value": {
"EnabledRule": "Always",
"EnabledResult": true,
"TechnicalProfile": "ForgotPassword"
}
}
]
}
}
]
},
"Statebag": {
"TAGE": {
"c": "2021-06-10T01:13:52.907517Z",
"k": "TAGE",
"v": "ForgotPasswordExchange",
"p": true
}
},
"PredicateResult": "True"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.NoOpHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"PredicateResult": "True"
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.SSO.SSOSessionHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.OrchestrationManager"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"Statebag": {
"ORCH_CS": {
"c": "2021-06-10T01:13:52.907517Z",
"k": "ORCH_CS",
"v": "3",
"p": true
}
}
}
},
{
"Kind": "Transition",
"Content": {
"EventName": "ClaimsExchange",
"StateName": "AwaitingNextStep"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.ShouldOrchestrationStepBeInvokedHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"RecorderRecord": {
"Values": [
{
"Key": "EnabledForUserJourneysTrue",
"Value": {
"Values": [
{
"Key": "CurrentStep",
"Value": 3
},
{
"Key": "TechnicalProfileEnabled",
"Value": {
"EnabledRule": "Always",
"EnabledResult": true,
"TechnicalProfile": "SignUp"
}
},
{
"Key": "TechnicalProfileEnabled",
"Value": {
"EnabledRule": "Always",
"EnabledResult": true,
"TechnicalProfile": "ForgotPassword"
}
}
]
}
}
]
},
"PredicateResult": "True"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.IsClaimsExchangeProtocolARedirectionHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"PredicateResult": "False"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.IsClaimsExchangeProtocolAnApiHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"PredicateResult": "False"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.SSO.IsSSOSessionParticipantHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"PredicateResult": "False"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.IsClaimsExchangeProtocolAServiceCallHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"RecorderRecord": {
"Values": [
{
"Key": "InitiatingClaimsExchange",
"Value": {
"ProtocolType": "backend protocol",
"TargetEntity": "ForgotPasswordExchange",
"TechnicalProfileId": "ForgotPassword",
"ProtocolProviderType": "ClaimsTransformationProtocolProvider"
}
}
]
},
"PredicateResult": "True"
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.GenerateRequestInputParamsHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": false
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.InputClaimsTransformationHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.PersistedClaimsTransformationHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.OutputClaimsTransformationHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"RecorderRecord": {
"Values": [
{
"Key": "GettingClaims",
"Value": {
"Values": [
{
"Key": "InitiatingBackendClaimsExchange",
"Value": {
"TechnicalProfileId": "ForgotPassword",
"ProtocolProviderType": "ClaimsTransformationProtocolProvider"
}
}
]
}
},
{
"Key": "OutputClaimsTransformation",
"Value": {
"Values": [
{
"Key": "MappingDefaultValueForClaim",
"Value": {
"PartnerClaimType": "signinOption",
"PolicyClaimType": "signinOption"
}
}
]
}
}
]
},
"Statebag": {
"Complex-CLMS": {
"signinOption": "ForgotPassword"
}
}
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.SSO.SSOSessionHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.OrchestrationManager"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"Statebag": {
"ORCH_CS": {
"c": "2021-06-10T01:13:52.9125258Z",
"k": "ORCH_CS",
"v": "4",
"p": true
}
}
}
},
{
"Kind": "Transition",
"Content": {
"EventName": "InvokeSubJourney",
"StateName": "AwaitingNextStep"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.NoOpHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"PredicateResult": "True"
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.EnqueueNewJourneyHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"RecorderRecord": {
"Values": [
{
"Key": "SubJourneyInvoked",
"Value": "PasswordReset"
}
]
},
"Statebag": {
"ORCH_CS": {
"c": "2021-06-10T01:13:52.9125258Z",
"k": "ORCH_CS",
"v": "0",
"p": true
},
"ComplexItems": "_MachineEventQ, TCTX, ORCH_IDX, REPRM, IC, JL"
}
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.OrchestrationManager"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"Statebag": {
"ORCH_CS": {
"c": "2021-06-10T01:13:52.9125258Z",
"k": "ORCH_CS",
"v": "1",
"p": true
}
}
}
},
{
"Kind": "Transition",
"Content": {
"EventName": "ClaimsExchange",
"StateName": "AwaitingNextStep"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.ShouldOrchestrationStepBeInvokedHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"RecorderRecord": {
"Values": [
{
"Key": "EnabledForUserJourneysTrue",
"Value": {
"Values": [
{
"Key": "CurrentStep",
"Value": 1
},
{
"Key": "TechnicalProfileEnabled",
"Value": {
"EnabledRule": "Always",
"EnabledResult": true,
"TechnicalProfile": "LocalAccountDiscoveryUsingEmailAddress"
}
}
]
}
}
]
},
"PredicateResult": "True"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.IsClaimsExchangeProtocolARedirectionHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"PredicateResult": "False"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.IsClaimsExchangeProtocolAnApiHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"RecorderRecord": {
"Values": [
{
"Key": "InitiatingClaimsExchange",
"Value": {
"ProtocolType": "Identity Experience Engine API",
"TargetEntity": "ForgotPasswordExchange",
"TechnicalProfileId": "LocalAccountDiscoveryUsingEmailAddress",
"ProtocolProviderType": "SelfAssertedAttributeProvider"
}
}
]
},
"PredicateResult": "True"
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.SwitchToApiOrchestrationHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true
}
},
{
"Kind": "Transition",
"Content": {
"EventName": "SELFASSERTED",
"StateName": "AwaitingNextStep"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.SSO.IsSSOSessionParticipantHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"PredicateResult": "False"
}
},
{
"Kind": "Predicate",
"Content": "Web.TPEngine.StateMachineHandlers.IsSelfAssertedEmpty"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"PredicateResult": "False"
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.InputClaimsTransformationHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.ConvertToAttributeFieldHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"Statebag": {
"ComplexItems": "_MachineEventQ, TCTX, ORCH_IDX, REPRM, IC, JL, SA_FIELDS"
}
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.StateMachineHandlers.ApiLoadHandler"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"Statebag": {
"ComplexItems": "_MachineEventQ, TCTX, ORCH_IDX, REPRM, IC, JL, SA_FIELDS, EID, UXRC, ARC"
}
}
},
{
"Kind": "Action",
"Content": "Web.TPEngine.Api.ApiUIManager"
},
{
"Kind": "HandlerResult",
"Content": {
"Result": true,
"RecorderRecord": {
"Values": [
{
"Key": "ApiUiManagerInfo",
"Value": {
"Values": [
{
"Key": "Language",
"Value": "..."
},
{
"Key": "Settings",
"Value": "..."
}
]
}
}
]
}
}
}
]
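
An added example, not part of the original question: one way to reduce a user journey log like the one above to the events that show which path was taken. It assumes the record shapes visible in that log; reading the TAGE statebag entry as the selected claims exchange is an assumption drawn from its value there, and the sample log is constructed.

```python
import json

# Constructed sample: a trimmed journey log using the same record shapes
# ("Kind", "Content", "Statebag", "RecorderRecord") as the log above.
SAMPLE_LOG = json.dumps([
    {"Kind": "Transition", "Content": {"EventName": "AUTH", "StateName": "Initial"}},
    {"Kind": "HandlerResult", "Content": {"Result": True, "Statebag": {
        "ORCH_CS": {"k": "ORCH_CS", "v": "2", "p": True}}}},
    {"Kind": "Transition", "Content": {"EventName": "CombinedSignInAndSignUp",
                                       "StateName": "AwaitingNextStep"}},
    {"Kind": "HandlerResult", "Content": {"Result": True, "Statebag": {
        "TAGE": {"k": "TAGE", "v": "ForgotPasswordExchange", "p": True}}}},
    {"Kind": "HandlerResult", "Content": {"Result": True, "Statebag": {
        "Complex-CLMS": {"signinOption": "ForgotPassword"}}}},
    {"Kind": "HandlerResult", "Content": {"Result": True, "RecorderRecord": {
        "Values": [{"Key": "SubJourneyInvoked", "Value": "PasswordReset"}]}}},
    {"Kind": "Transition", "Content": {"EventName": "SELFASSERTED",
                                       "StateName": "AwaitingNextStep"}},
])


def summarize_journey(log_text):
    """Reduce a journey log to the events that explain which path was taken."""
    timeline = []
    for record in json.loads(log_text):
        content = record.get("Content")
        if record.get("Kind") == "Transition":
            timeline.append(("transition", content["EventName"]))
        # Predicate and Action records carry a plain string; skip them.
        if record.get("Kind") != "HandlerResult" or not isinstance(content, dict):
            continue
        statebag = content.get("Statebag", {})
        if "ORCH_CS" in statebag:  # current orchestration step number
            timeline.append(("step", statebag["ORCH_CS"]["v"]))
        if "TAGE" in statebag:  # assumption: the selected claims exchange
            timeline.append(("target", statebag["TAGE"]["v"]))
        for claim, value in statebag.get("Complex-CLMS", {}).items():
            timeline.append(("claim", f"{claim}={value}"))
        for item in content.get("RecorderRecord", {}).get("Values", []):
            if item.get("Key") == "SubJourneyInvoked":
                timeline.append(("subjourney", item["Value"]))
    return timeline


def target_chosen_without_ui(timeline):
    """True if a claims-exchange target was set before any SELFASSERTED page."""
    for kind, value in timeline:
        if (kind, value) == ("transition", "SELFASSERTED"):
            return False
        if kind == "target":
            return True
    return False


if __name__ == "__main__":
    for event in summarize_journey(SAMPLE_LOG):
        print(*event)
    print("target chosen without UI:",
          target_chosen_without_ui(summarize_journey(SAMPLE_LOG)))
```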

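Best answer

So, through some trial and error I found a solution to my problem, and I think I've gained some extra insight into the black box of B2C custom policies.

I worked out the reproduction steps:

  1. Select sign up or forgot password in the sign-in flow.
  2. Complete the sign-up/reset, ending up back at my application, signed in.
  3. Close the browser tab.
  4. Launch the web app again; MSAL redirects to B2C.
  5. I am dropped into the previously selected flow and cannot get back to the sign-in screen.

The solution to my problem was to add <UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD"/> to every technical profile in my orchestration steps. This includes the claims exchange TPs I created to handle the SignUpLink and forgot password targets.

My understanding is that B2C steps through all the orchestration steps and, when it detects a session, it skips any TPs that use session management. In my case, only step 2, SelfAsserted-LocalAccountSignin-Email, had session management, so that was skipped. I can only assume that the previously selected claims provider selection was saved and retrieved from the session, which caused it to behave as though the user had selected it again.

Because the subsequent steps did not use session management, they ended up being executed, landing the user on the sign-up or reset password screen, depending on which claims provider was previously selected.

If anyone can expand on my understanding or suggest a more refined solution, I'm all ears.

Regarding "Azure B2C session causes unexpected flow", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/67915001/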
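
An added example, not part of the original answer: a check that lists the claims exchanges in orchestration steps whose technical profile declares no UseTechnicalProfileForSessionManagement, which is the gap the answer closed. The policy fragment is constructed, and the check reads a single file, so a profile that gets its session provider from a base policy file is reported as well.

```python
import xml.etree.ElementTree as ET

# Constructed policy fragment modelled on the question's snippets: only the
# sign-in profile declares a session management provider.
SAMPLE_POLICY = """
<TrustFrameworkPolicy>
  <ClaimsProviders><ClaimsProvider><TechnicalProfiles>
    <TechnicalProfile Id="ForgotPassword"/>
    <TechnicalProfile Id="SignUp"/>
    <TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email">
      <UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD"/>
    </TechnicalProfile>
  </TechnicalProfiles></ClaimsProvider></ClaimsProviders>
  <UserJourneys><UserJourney Id="SignIn"><OrchestrationSteps>
    <OrchestrationStep Order="2" Type="CombinedSignInAndSignUp"><ClaimsExchanges>
      <ClaimsExchange Id="LocalAccountSigninEmailExchange"
                      TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email"/>
    </ClaimsExchanges></OrchestrationStep>
    <OrchestrationStep Order="3" Type="ClaimsExchange"><ClaimsExchanges>
      <ClaimsExchange Id="SignUpExchange" TechnicalProfileReferenceId="SignUp"/>
      <ClaimsExchange Id="ForgotPasswordExchange" TechnicalProfileReferenceId="ForgotPassword"/>
    </ClaimsExchanges></OrchestrationStep>
  </OrchestrationSteps></UserJourney></UserJourneys>
</TrustFrameworkPolicy>
"""


def local(tag):
    """Strip an XML namespace prefix such as '{uri}TechnicalProfile'."""
    return tag.rsplit("}", 1)[-1]


def profiles_without_session_management(policy_xml):
    """Return (step order, claims exchange id, technical profile id) findings."""
    root = ET.fromstring(policy_xml)
    session_provider = {}
    for el in root.iter():
        if local(el.tag) == "TechnicalProfile":
            sm = [c for c in el
                  if local(c.tag) == "UseTechnicalProfileForSessionManagement"]
            session_provider[el.get("Id")] = sm[0].get("ReferenceId") if sm else None
    findings = []
    for step in root.iter():
        if local(step.tag) != "OrchestrationStep":
            continue
        for ex in step.iter():
            if local(ex.tag) != "ClaimsExchange":
                continue
            tp = ex.get("TechnicalProfileReferenceId")
            # Profiles not defined in this file are reported too: they may
            # inherit a session provider from a base policy this check cannot see.
            if session_provider.get(tp) is None:
                findings.append((int(step.get("Order")), ex.get("Id"), tp))
    return sorted(findings)


if __name__ == "__main__":
    for order, exchange, profile in profiles_without_session_management(SAMPLE_POLICY):
        print(f"step {order}: {exchange} -> {profile} has no session management")
```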
