在使用AzureADB2C进行身份验证时,我希望将在门户中管理的自定义声明添加到声明原则中
current code in start up
services.AddAuthentication(AzureADB2CDefaults.AuthenticationScheme)
.AddAzureADB2C(options => Configuration.Bind("AzureAdB2C", options));
我认为它应该像这样工作,但仅在Token验证通过时才有效。
services.AddAuthentication(AzureADB2CDefaults.AuthenticationScheme)
.AddAzureADB2C(options => Configuration.Bind("AzureAdB2C", options))
.AddJwtBearer(o =>
{
o.Events = new JwtBearerEvents
{
OnTokenValidated = async ctx =>
{
var claims = new List<Claim> { new Claim("ConfidentialAccess", "true") };
var appIdentity = new ClaimsIdentity(claims);
ctx.Principal.AddIdentity(appIdentity);
}
};
});
context.Principal.Identity,然后仅向该var claimsIdentity副本添加声明。我不明白为什么context.Principal.Identity最终也包含自定义声明? - Lukas