来自 REST API 调用的错误消息未显示在 B2C 自定义策略中
Error messages from REST API call is not showing in B2C custom policy
我在我的自定义策略中有一个自我声明的技术配置文件,它有一个验证技术配置文件,它是一个 REST API(azure 函数)调用。我没有直接从策略中调用 azure 函数,从策略中调用 azure APIM 并且 APIM 将请求传递给 azure 函数。
我面临的问题是,当我的函数 returns 一条自定义错误消息未按策略中的预期显示时。
return new OkObjectResult(new ResponseContentModel
{
userMessage = "Sorry, Please provide valid information ",
status = 409,
retryCounter = data.RetryCounter
});
我的技术简介如下:
<TechnicalProfile Id="Registration">
<DisplayName>Email signup</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="IpAddressClaimReferenceId">IpAddress</Item>
<Item Key="ContentDefinitionReferenceId">api.localaccountsignup</Item>
<Item Key="language.button_continue">Activate Account</Item>
<!-- Sample: Remove sign-up email verification -->
<Item Key="EnforceEmailVerification">False</Item>
<Item Key="setting.retryLimit">5</Item>
</Metadata>
<InputClaimsTransformations>
<!--Sample: Copy the email to ReadOnlyEamil claim type-->
<InputClaimsTransformation ReferenceId="CreateReadOnlyEmailAddress" />
</InputClaimsTransformations>
<InputClaims>
<InputClaim ClaimTypeReferenceId="email" />
<InputClaim ClaimTypeReferenceId="givenName" />
<InputClaim ClaimTypeReferenceId="surname" />
</InputClaims>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="objectId" DefaultValue="123" />
<OutputClaim ClaimTypeReferenceId="newPassword" Required="true" />
<OutputClaim ClaimTypeReferenceId="reenterPassword" Required="true" />
<OutputClaim ClaimTypeReferenceId="tncCheckbox" Required="true" />
<OutputClaim ClaimTypeReferenceId="retryCounter" DefaultValue="0" />
<OutputClaim ClaimTypeReferenceId="isFound" DefaultValue="false" />
<OutputClaim ClaimTypeReferenceId="executed-SelfAsserted-Input" DefaultValue="true" />
<OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="localAccountAuthentication"/>
<OutputClaim ClaimTypeReferenceId="newUser" DefaultValue="true" />
</OutputClaims>
<ValidationTechnicalProfiles>
<ValidationTechnicalProfile ReferenceId="API-Validate-UserInfo" />
<ValidationTechnicalProfile ReferenceId="AAD-UserWriteUsingLogonEmail" />
</ValidationTechnicalProfiles>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
</TechnicalProfile>
RESTAPI验证技术简介如下:
<TechnicalProfile Id="API-Validate-UserInfo">
<DisplayName>User OTP Notifications</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="ServiceUrl">https://myapimurl</Item>
<Item Key="SendClaimsIn">Body</Item>
<Item Key="AuthenticationType">ClientCertificate</Item>
</Metadata>
<CryptographicKeys>
<Key Id="ClientCertificate" StorageReferenceId="B2C_1A_APIMClientCertificate" />
</CryptographicKeys>
<InputClaims>
<InputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="GivenName" />
<InputClaim ClaimTypeReferenceId="surname" PartnerClaimType="SurName"/>
<InputClaim ClaimTypeReferenceId="email" PartnerClaimType="Email"/>
<InputClaim ClaimTypeReferenceId="retryCounter" PartnerClaimType="RetryCounter"/>
</InputClaims>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="retryCounter" />
<OutputClaim ClaimTypeReferenceId="isFound" />
</OutputClaims>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
</TechnicalProfile>
UI 中显示的错误消息是:
步骤“5”中指定的声明交换 'API-Validate-UserInfo' 返回 HTTP 错误响应,代码为 'BadRequest',原因为 'Bad Request'。
关于函数,我使用的是.net core 3.1,函数运行时版本是~3
找到提到的问题this article.
需要在响应消息版本中包含version,status和userMessage是错误响应消息的必填字段。
{
version = "1.0.0",
userMessage = "Sorry, Something happened unexpectedly. Please try after sometime.",
status = 409,
}
根据本文档,这是必需的错误结构:
Returning validation error message
此外,请确保响应应具有与内容错误代码相对应的 http 错误代码:
return StatusCode(409, new ResponseContent { userMessage = ex.Message });
其中 ResponseContent 具有以下结构:
public class ResponseContent : IResult
{
public string version { get; set; }
public int status { get; set; }
public string code { get; set; }
public string userMessage { get; set; }
public string developerMessage { get; set; }
public string requestId { get; set; }
public string moreInfo { get; set; }
public ResponseContent()
{
version = "1.0.0";
status = 409;
code = "API12345";
requestId = "50f0bd91-2ff4-4b8f-828f-00f170519ddb";
userMessage = "Message for the user";
developerMessage = "Verbose description of problem and how to fix it.";
moreInfo = "https://docs.microsoft.com/en-us/azure/active-directory-b2c/restful-technical-profile#returning-validation-error-message";
}
}
我在我的自定义策略中有一个自我声明的技术配置文件,它有一个验证技术配置文件,它是一个 REST API(azure 函数)调用。我没有直接从策略中调用 azure 函数,从策略中调用 azure APIM 并且 APIM 将请求传递给 azure 函数。
我面临的问题是,当我的函数 returns 一条自定义错误消息未按策略中的预期显示时。
return new OkObjectResult(new ResponseContentModel
{
userMessage = "Sorry, Please provide valid information ",
status = 409,
retryCounter = data.RetryCounter
});
我的技术简介如下:
<TechnicalProfile Id="Registration">
<DisplayName>Email signup</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="IpAddressClaimReferenceId">IpAddress</Item>
<Item Key="ContentDefinitionReferenceId">api.localaccountsignup</Item>
<Item Key="language.button_continue">Activate Account</Item>
<!-- Sample: Remove sign-up email verification -->
<Item Key="EnforceEmailVerification">False</Item>
<Item Key="setting.retryLimit">5</Item>
</Metadata>
<InputClaimsTransformations>
<!--Sample: Copy the email to ReadOnlyEamil claim type-->
<InputClaimsTransformation ReferenceId="CreateReadOnlyEmailAddress" />
</InputClaimsTransformations>
<InputClaims>
<InputClaim ClaimTypeReferenceId="email" />
<InputClaim ClaimTypeReferenceId="givenName" />
<InputClaim ClaimTypeReferenceId="surname" />
</InputClaims>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="objectId" DefaultValue="123" />
<OutputClaim ClaimTypeReferenceId="newPassword" Required="true" />
<OutputClaim ClaimTypeReferenceId="reenterPassword" Required="true" />
<OutputClaim ClaimTypeReferenceId="tncCheckbox" Required="true" />
<OutputClaim ClaimTypeReferenceId="retryCounter" DefaultValue="0" />
<OutputClaim ClaimTypeReferenceId="isFound" DefaultValue="false" />
<OutputClaim ClaimTypeReferenceId="executed-SelfAsserted-Input" DefaultValue="true" />
<OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="localAccountAuthentication"/>
<OutputClaim ClaimTypeReferenceId="newUser" DefaultValue="true" />
</OutputClaims>
<ValidationTechnicalProfiles>
<ValidationTechnicalProfile ReferenceId="API-Validate-UserInfo" />
<ValidationTechnicalProfile ReferenceId="AAD-UserWriteUsingLogonEmail" />
</ValidationTechnicalProfiles>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
</TechnicalProfile>
RESTAPI验证技术简介如下:
<TechnicalProfile Id="API-Validate-UserInfo">
<DisplayName>User OTP Notifications</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="ServiceUrl">https://myapimurl</Item>
<Item Key="SendClaimsIn">Body</Item>
<Item Key="AuthenticationType">ClientCertificate</Item>
</Metadata>
<CryptographicKeys>
<Key Id="ClientCertificate" StorageReferenceId="B2C_1A_APIMClientCertificate" />
</CryptographicKeys>
<InputClaims>
<InputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="GivenName" />
<InputClaim ClaimTypeReferenceId="surname" PartnerClaimType="SurName"/>
<InputClaim ClaimTypeReferenceId="email" PartnerClaimType="Email"/>
<InputClaim ClaimTypeReferenceId="retryCounter" PartnerClaimType="RetryCounter"/>
</InputClaims>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="retryCounter" />
<OutputClaim ClaimTypeReferenceId="isFound" />
</OutputClaims>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
</TechnicalProfile>
UI 中显示的错误消息是:
步骤“5”中指定的声明交换 'API-Validate-UserInfo' 返回 HTTP 错误响应,代码为 'BadRequest',原因为 'Bad Request'。
关于函数,我使用的是.net core 3.1,函数运行时版本是~3
找到提到的问题this article. 需要在响应消息版本中包含version,status和userMessage是错误响应消息的必填字段。
{
version = "1.0.0",
userMessage = "Sorry, Something happened unexpectedly. Please try after sometime.",
status = 409,
}
根据本文档,这是必需的错误结构:
Returning validation error message
此外,请确保响应应具有与内容错误代码相对应的 http 错误代码:
return StatusCode(409, new ResponseContent { userMessage = ex.Message });
其中 ResponseContent 具有以下结构:
public class ResponseContent : IResult
{
public string version { get; set; }
public int status { get; set; }
public string code { get; set; }
public string userMessage { get; set; }
public string developerMessage { get; set; }
public string requestId { get; set; }
public string moreInfo { get; set; }
public ResponseContent()
{
version = "1.0.0";
status = 409;
code = "API12345";
requestId = "50f0bd91-2ff4-4b8f-828f-00f170519ddb";
userMessage = "Message for the user";
developerMessage = "Verbose description of problem and how to fix it.";
moreInfo = "https://docs.microsoft.com/en-us/azure/active-directory-b2c/restful-technical-profile#returning-validation-error-message";
}
}