问题
I'm using msal js library to redirect SPA to b2c policy.
I can't find an example of sending some custom claim to the b2c policy (like extension_Brand) from javascript application.
What I have found is .NET example: https://github.com/Azure-Samples/active-directory-b2c-advanced-policies/blob/d62c3f9e573ac8b5a9adc1565c6254f632e2a531/wingtipgamesb2c/src/WingTipMusicWebApplication/Startup.cs#L108 But it uses .NET library.
Which JS library can send claim to the b2c policy?
回答1:
There are no JS examples that I know of.
You can use MSAL.js to send claims to B2C via the extraQueryParameters arg on loginPop, loginRedirect, etc.
Make an ajax call to the server to get a JWT and then pass along that JWT to B2C.
The claims are sent to B2C in that example here:
context.ProtocolMessage.Parameters.Add("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
context.ProtocolMessage.Parameters.Add("client_assertion", selfIssuedToken);
Sample JS code
The server-side example is just making an HTTP request which means you can do the same thing in JavaScript:
var client_assertion_type = encodeURIComponent("urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
var jwtQueryParams = "client_assertion_type=" + client_assertion_type + "&client_assertion=" + jwt;
msalApp.loginRedirect(myScopes, jwtQueryParams);
来源:https://stackoverflow.com/questions/48519812/example-of-sending-claim-to-azure-ad-b2c-policy-from-js-single-page-application