1

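I am trying to get the current date and time into a claim type in a custom policy, and I am trying to use one of the claims transformations mentioned here.

Created two claim types for this: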

            <ClaimType Id="currentDateTime">
                <DisplayName>currentDateTime</DisplayName>
                <DataType>dateTime</DataType>
            </ClaimType>

            <ClaimType Id="systemDateTime">
                <DisplayName>currentDateTime</DisplayName>
                <DataType>dateTime</DataType>
            </ClaimType>

Added this claims transformation:

<ClaimsTransformation Id="GetSystemDateTime" TransformationMethod="GetCurrentDateTime">
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="systemDateTime" TransformationClaimType="currentDateTime" />
  </OutputClaims>
</ClaimsTransformation>

Called it as an output claims transformation in one of the technical profiles:

<TechnicalProfile Id="LocalAccountSignUpWithLogonCustomUserNameProfile">
  <DisplayName>UserName signup</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
  <Metadata>
    <Item Key="IpAddressClaimReferenceId">IpAddress</Item>
    <Item Key="ContentDefinitionReferenceId">api.localaccountsignup.name</Item>
    <Item Key="language.button_continue">NEXT</Item>
    <Item Key="setting.showCancelButton">false</Item>
  </Metadata>
  <CryptographicKeys>
    <Key Id="issuer_secret" StorageReferenceId="B2C_1A_TokenSigningKeyContainer" />
  </CryptographicKeys>
  <PersistedClaims>
    <PersistedClaim ClaimTypeReferenceId="email" />
    <PersistedClaim ClaimTypeReferenceId="phone" />
    <PersistedClaim ClaimTypeReferenceId="countryCode" />
    <PersistedClaim ClaimTypeReferenceId="isEmailPresent" />
  </PersistedClaims>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="givenName" Required="true" />
    <OutputClaim ClaimTypeReferenceId="surName" Required="true" />
  </OutputClaims>
  <OutputClaimsTransformations>
    <OutputClaimsTransformation ReferenceId="GetSystemDateTime" />
  </OutputClaimsTransformations>
</TechnicalProfile>

And tried to write the data to B2C using the following TP:

<TechnicalProfile Id="AAD-UserWriteUsingLogonUserNameAsEmail">
  <Metadata>
    <Item Key="Operation">Write</Item>
    <Item Key="RaiseErrorIfClaimsPrincipalAlreadyExists">true</Item>
  </Metadata>
  <IncludeInSso>false</IncludeInSso>
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="email" PartnerClaimType="signInNames.emailAddress" />
  </InputClaims>
  <PersistedClaims>
    <!-- Required claims -->
    <PersistedClaim ClaimTypeReferenceId="email" PartnerClaimType="signInNames.emailAddress" />
    <PersistedClaim ClaimTypeReferenceId="newPassword" PartnerClaimType="password" />
    <PersistedClaim ClaimTypeReferenceId="displayName" DefaultValue="unknown" />
    <PersistedClaim ClaimTypeReferenceId="passwordPolicies" DefaultValue="DisablePasswordExpiration, DisableStrongPassword" />

    <!-- Optional claims. -->
    <PersistedClaim ClaimTypeReferenceId="givenName" />
    <PersistedClaim ClaimTypeReferenceId="surname" />
    <PersistedClaim ClaimTypeReferenceId="currentDateTime" PartnerClaimType="extension_tncaccepteddatetime" />
  </PersistedClaims>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="objectId" />
    <OutputClaim ClaimTypeReferenceId="newUser" PartnerClaimType="newClaimsPrincipalCreated" />
    <OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="localAccountAuthentication" />
    <OutputClaim ClaimTypeReferenceId="userPrincipalName" />
    <OutputClaim ClaimTypeReferenceId="signInNames.emailAddress" />
    <OutputClaim ClaimTypeReferenceId="signInNames.phoneNumber" />
  </OutputClaims>
  <IncludeTechnicalProfile ReferenceId="AAD-Common" />
  <UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
</TechnicalProfile>

But when reading the user, I do not get the value from B2C.

4

1 Answer

1

The issue is resolved without doing much. First, the ClaimType currentDateTime is not needed, and I added this claims transformation:

<ClaimsTransformation Id="GetNewUserAgreeToTermsOfUseConsentDateTime" TransformationMethod="GetCurrentDateTime">
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="extension_tncaccepteddatetime" TransformationClaimType="currentDateTime" />
  </OutputClaims>
</ClaimsTransformation>

Here extension_tncaccepteddatetime is my claim type with the dateTime data type:

<ClaimType Id="extension_tncaccepteddatetime">
      <DisplayName>extension_tncaccepteddatetime</DisplayName>
      <DataType>dateTime</DataType>
</ClaimType>

Added this as an input claim of the TP, and added an InputClaimTransformation to the TP:

<InputClaims>
   <InputClaim ClaimTypeReferenceId="extension_tncaccepteddatetime" />
</InputClaims>
<InputClaimsTransformations>
   <InputClaimsTransformation ReferenceId="GetNewUserAgreeToTermsOfUseConsentDateTime" />
</InputClaimsTransformations>

And added it as a persisted claim:

<PersistedClaim ClaimTypeReferenceId="extension_tncaccepteddatetime" />

Done!

Answered on 2020-01-23T14:19:56.830
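The mismatch in the question (the transformation writes `systemDateTime`, the write profile persists `currentDateTime`) can be caught before upload with a small claim-flow check. This is an added example, not code from the question or the answer: the function name `audit_claim_flow` is hypothetical and the policy is a constructed, reduced copy of the question's elements.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the question's policy reduced to the elements that matter.
POLICY = """<TrustFrameworkPolicy>
  <ClaimsTransformation Id="GetSystemDateTime" TransformationMethod="GetCurrentDateTime">
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="systemDateTime" TransformationClaimType="currentDateTime" />
    </OutputClaims>
  </ClaimsTransformation>
  <TechnicalProfile Id="LocalAccountSignUpWithLogonCustomUserNameProfile">
    <OutputClaims><OutputClaim ClaimTypeReferenceId="givenName" Required="true" /></OutputClaims>
    <OutputClaimsTransformations>
      <OutputClaimsTransformation ReferenceId="GetSystemDateTime" />
    </OutputClaimsTransformations>
  </TechnicalProfile>
  <TechnicalProfile Id="AAD-UserWriteUsingLogonUserNameAsEmail">
    <PersistedClaims>
      <PersistedClaim ClaimTypeReferenceId="displayName" DefaultValue="unknown" />
      <PersistedClaim ClaimTypeReferenceId="givenName" />
      <PersistedClaim ClaimTypeReferenceId="currentDateTime" PartnerClaimType="extension_tncaccepteddatetime" />
    </PersistedClaims>
  </TechnicalProfile>
</TrustFrameworkPolicy>"""


def _find(parent, name):
    # Match on the local tag name so namespaced policy files work as well.
    return [e for e in parent.iter() if e.tag.rsplit("}", 1)[-1] == name]


def audit_claim_flow(policy_xml):
    """Return (unused, unfed).
    unused: (transformation Id, claim) whose output no technical profile references.
    unfed:  (profile Id, claim) persisted without DefaultValue and never produced
            by a transformation or by a profile's output claims."""
    root = ET.fromstring(policy_xml)
    ref = "ClaimTypeReferenceId"
    transformed = {oc.get(ref): ct.get("Id")
                   for ct in _find(root, "ClaimsTransformation")
                   for oc in _find(ct, "OutputClaim")}
    profiles = _find(root, "TechnicalProfile")
    produced = set(transformed) | {oc.get(ref) for tp in profiles
                                   for oc in _find(tp, "OutputClaim")}
    referenced = {c.get(ref) for tp in profiles
                  for tag in ("InputClaim", "PersistedClaim", "OutputClaim")
                  for c in _find(tp, tag)}
    unused = sorted((tid, c) for c, tid in transformed.items() if c not in referenced)
    unfed = [(tp.get("Id"), pc.get(ref)) for tp in profiles
             for pc in _find(tp, "PersistedClaim")
             if pc.get("DefaultValue") is None and pc.get(ref) not in produced]
    return unused, unfed
```

The check only sees claims defined in the XML it is given, so for a policy split across base and extension files it should be run over the combined content.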