Question
The user could sign up and can sign in just fine using Azure AD B2C with an email that contains +. However, when clicking the "Forgot password" link on the sign-in page and entering their e-mail with a + char the following error is displayed:
I saw 2 related issues on Azure's feedback site:
allow plus sign in email addresses [there's a comment by user Naud van Onna that matches this question.]
I've seen a successful sign-up using a '+' symbol in the email address as well. Unfortunately the password reset functionality is not working using an email address with a '+' symbol.
and
Support plus-addressing in emails, which is invaluable for testing [in this one the e-mail sub-addressing feature is mentioned, which describes our situation. We use the + e-mail addresses to test our application.]
Is there any place in the custom policies .xml files where I can enter a custom regex to validate this e-mail address and allow the + sign?
I saw <TechnicalProfile Id="LocalAccountDiscoveryUsingEmailAddress"> in the TrustFrameworkBase.xml file but I'm not sure where to modify it...
<!-- This technical profile forces the user to verify the email address that they provide on the UI. Only after email is verified, the user account is
read from the directory. -->
<TechnicalProfile Id="LocalAccountDiscoveryUsingEmailAddress">
.
.
.
Answer 1:
Well... after a little bit more research I found the error message "Please enter a valid e-mail address." in the email ClaimType inside TrustFrameworkBase.xml.
<ClaimType Id="email">
  <DisplayName>Email Address</DisplayName>
  <DataType>string</DataType>
  <DefaultPartnerClaimTypes>
    <Protocol Name="OpenIdConnect" PartnerClaimType="email" />
  </DefaultPartnerClaimTypes>
  <UserHelpText>Email address that can be used to contact you.</UserHelpText>
  <UserInputType>TextBox</UserInputType>
  <Restriction>
    <!-- Inside the XML attribute value, '&' is written as '&amp;'. -->
    <Pattern RegularExpression="^[a-zA-Z0-9.!#$%&amp;'^_`{}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$"
             HelpText="Please enter a valid email address." />
  </Restriction>
</ClaimType>
This regex
^[a-zA-Z0-9.!#$%&'^_`{}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$
is the one that validates the email... we just need to tweak it so that it accepts the + sign like this:
^[a-zA-Z0-9.+!#$%&'^_`{}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$
Microsoft doc about ClaimsSchema.
Source: https://stackoverflow.com/questions/58646052/azure-ad-b2c-custom-password-reset-policy-wont-validate-e-mail-with-char-sign
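
Added example (not part of the original question or answer, and not Microsoft's code): a Python check that reads the Pattern out of the email ClaimType, applies the one-character change from the answer, and confirms that plus-addresses are accepted while malformed addresses are still rejected. It assumes Python's re module as a stand-in for the engine Azure AD B2C uses; the trimmed ClaimType fragment and the sample addresses are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed fragment: the email ClaimType from the page, trimmed, with '&'
# written as '&amp;' so that it is well-formed XML.
CLAIM_TYPE_XML = r"""<ClaimType Id="email">
  <DisplayName>Email Address</DisplayName>
  <DataType>string</DataType>
  <UserInputType>TextBox</UserInputType>
  <Restriction>
    <Pattern RegularExpression="^[a-zA-Z0-9.!#$%&amp;'^_`{}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$"
             HelpText="Please enter a valid email address." />
  </Restriction>
</ClaimType>"""

# Constructed test addresses (example.com is a reserved documentation domain).
SAMPLES = ["user@example.com", "user+test1@example.com",
           "user name@example.com", "user+t@exa mple.com", "user@@example.com"]

def load_pattern(xml_text):
    """Return the XML-decoded RegularExpression of the ClaimType's Pattern."""
    return ET.fromstring(xml_text).find("./Restriction/Pattern").get("RegularExpression")

def allow_plus(pattern):
    """Add '+' to the local-part character class, as the answer does."""
    head = "^[a-zA-Z0-9."
    if not pattern.startswith(head):
        raise ValueError("pattern does not start with the expected character class")
    return head + "+" + pattern[len(head):]

def accepted(pattern, addresses=SAMPLES):
    """Addresses the pattern accepts; fullmatch keeps a trailing newline out."""
    rx = re.compile(pattern)
    return [a for a in addresses if rx.fullmatch(a)]

def patched_claim_type(xml_text):
    """Return the ClaimType XML with '+' allowed, re-escaped by the serializer."""
    root = ET.fromstring(xml_text)
    node = root.find("./Restriction/Pattern")
    node.set("RegularExpression", allow_plus(node.get("RegularExpression")))
    return ET.tostring(root, encoding="unicode")

if __name__ == "__main__":
    original = load_pattern(CLAIM_TYPE_XML)
    print("original :", accepted(original))
    print("with '+' :", accepted(allow_plus(original)))
    # Without the backslash the dot matches any character, spaces included.
    print("no escape:", accepted(allow_plus(original).replace(r"(?:\.", "(?:.")))
    print(patched_claim_type(CLAIM_TYPE_XML))
```

The third printed list shows why the backslash before the dot in the domain part has to survive copy and paste: without it, an address with a space in the domain passes validation.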