问题
We are using Azure b2c to handle our logins on our .net core MVC site.
We would like to use the optional state parameter to hold onto some data/a value between the initial request to the site (this value would likely be in a querystring param) which is then sent off to b2c to login, and the successfully logged in return back to the site.
OpenIDConnect allow the setting of this state value in the request, and will pass it back with the token response.
It appears that setting the value is relatively simple; in the OnRedirectToIdentityProvider event in the OpenIdConnectOptions like so:
public Task OnRedirectToIdentityProvider(RedirectContext context){
...
context.ProtocolMessage.SetParameter("state", "mystatevalue");
...
}
however, I cannot see how to get this value back again when the user is returned.
I can see that the OnTicketReceived event is hit, and this has a TicketReceivedContext which has a Form property with a state value in it, however this is still encrypted.
Where would i be able to get the un-encrypted value back from?
I have had a look at the Azure docs for b2c but I cannot find an example on this.
thanks
回答1:
Managed to get this working by using the OnTokenValidated event.
This is able to get the unencrypted parameter as below.
...//first set up the new event
options.Events = new OpenIdConnectEvents()
{
...
OnTokenValidated = OnTokenValidated
};
...
private Task OnTokenValidated(TokenValidatedContext tokenValidatedContext)
{
var stateValue = tokenValidatedContext.ProtocolMessage.GetParameter("state");
if (stateValue != null)
{
//do something with that value..
}
return Task.CompletedTask;
}
来源:https://stackoverflow.com/questions/48420393/how-to-extract-state-parameter-from-openidconnect-token-response-in-net-core-mv