AngularJS hash # problem after Azure B2C Sign Up policy redirects to application

孤人 提交于 2019-12-02 08:41:22

问题


What we'd like to do is to automatically Sign In\Login the user after they successfully Sign Up.

Let's say the user got an invitation for the application. They go to the Sign Up page, fills out the form and clicks the Create button. If all is OK, the user is added to Azure B2C directory and then we'd somehow have the Sign In policy run automatically OR some other way of logging in automatically.

So I just want to know if this is viable or not when using Azure B2C.

EDIT

After further debugging I see what is the problem...

We have an old AngularJS (1.6) SPA application.

An #id_token is sent back from Azure B2C after the user completes the Sign Up process... however after the URL in the browser has the #id_token, control is not passed to the application, that is, OWIN middleware is not being called. For the Sign In it works as expected since it starts from within the SPA itself. The user clicks the Login button and is redirected by msalService.loginRedirect.

The Sign Up policy execution is different because it starts by an e-mail invitation link only. So it's not from within the SPA itself. The hash portion of #id_token is being messed up by AngularJS once Azure B2C redirects back to the app.

I already played with AngularJS $locationProvider.html5(true) mode but it did not work.

What I'm trying to do now is to redirect to a custom signup.html reply URL and then return to the AngularJS app but I'm not sure how to wire up this.


回答1:


By default, at the end of a flow (i.e. all built-in flows except the password reset flow and all custom flows except the password reset flow), an SSO session is generated for the user so, in effect, they are signed in after sign-up.

Therefore, the default experience in the same session is that, if a user signs up for App A and then is redirected to sign in for App B, then they won't be prompted to re-authenticate.

You can configure the sign-up and sign-in flows so that they issue the same claims so applications can handle the sign-up and sign-in callbacks with the same behavior.



来源:https://stackoverflow.com/questions/57062803/angularjs-hash-problem-after-azure-b2c-sign-up-policy-redirects-to-application

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!