如何在Azure AD B2C中创建仅电子邮件页面?

时间:2020-10-01 20:55:37

标签: azure azure-active-directory azure-ad-b2c

我想在登录页面的前面有一个页面,其中只有一个电子邮件地址字段和一个按钮。用户单击按钮后,他们会转到另一个页面,可以在其中输入用户名和密码并登录。在B2C中可以吗?

仅电子邮件页面:

enter image description here

登录页面:

enter image description here

步骤1。在TrustFrameworkBase.xml文件中,将输入限制添加到signInName声明类型,以便仅可以在第一页上输入电子邮件地址。

<!-- Claims needed for local accounts. -->
      <!--<ClaimType Id="signInName">
        <DisplayName>Sign in name</DisplayName>
          <DisplayName>Email address</DisplayName>
        <DataType>string</DataType>
        <UserHelpText />
        <UserInputType>TextBox</UserInputType>
      </ClaimType>-->

        <ClaimType Id="signInName">
            <DisplayName>Email address</DisplayName>
            <DataType>string</DataType>
            <UserHelpText/>
            <UserInputType>TextBox</UserInputType>
            <Restriction>
                <Pattern RegularExpression="^[a-zA-Z0-9.!#$%&amp;'^_`{}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$" HelpText="Please enter a valid email address." />
            </Restriction>
        </ClaimType>

步骤2。在TrustFrameworkBase.xml文件中,将另一个技术配置文件添加到“本地帐户声明”提供程序,提示输入电子邮件地址。

 <ClaimsProvider>
      <DisplayName>Local Account</DisplayName>
      <TechnicalProfiles>
          <TechnicalProfile Id="SelfAsserted-LocalAccountSignin-EmailOnly">
              <DisplayName>Local Account Signin</DisplayName>
              <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
              <Metadata>
                  <Item Key="ContentDefinitionReferenceId">api.selfasserted</Item>
              </Metadata>
              <IncludeInSso>false</IncludeInSso>
              <OutputClaims>
                  <OutputClaim ClaimTypeReferenceId="signInName" Required="true" />
              </OutputClaims>
              <UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
          </TechnicalProfile>
        <TechnicalProfile Id="LocalAccountSignUpWithLogonEmail">
...

步骤3。在第一个编排步骤中,在TrustFrameworkBase.xml文件中,将SelfAsserted-LocalAccountSignin-EmailOnly添加到SignUpOrSignIn用户旅程中。

<UserJourneys>
    <UserJourney Id="SignUpOrSignIn">
      <OrchestrationSteps>
          <OrchestrationStep Order="1" Type="ClaimsExchange">
              <ClaimsExchanges>
                  <ClaimsExchange Id="LocalAccountSigninEmailOnlyExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-EmailOnly" />
              </ClaimsExchanges>
          </OrchestrationStep>
        <OrchestrationStep Order="2" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
          <ClaimsProviderSelections>
            <ClaimsProviderSelection TargetClaimsExchangeId="FacebookExchange" />
            <ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange" />
          </ClaimsProviderSelections>
          <ClaimsExchanges>
            <ClaimsExchange Id="LocalAccountSigninEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email" />
          </ClaimsExchanges>
        </OrchestrationStep>

我仍然提示输入密码(CSS隐藏了该字段):

enter image description here

1 个答案:

答案 0 :(得分:1)

A custom policy可以使用the LocalAccounts starter pack对此“分页”登录实施,如下所示。

  1. the TrustFrameworkBase.xml file中,将输入限制添加到the signInName claim type,以便在第一页上只能输入电子邮件地址。
<ClaimType Id="signInName">
  <DisplayName>Email address</DisplayName>
  <DataType>string</DataType>
  <UserHelpText/>
  <UserInputType>TextBox</UserInputType>
  <Restriction>
    <Pattern RegularExpression="^[a-zA-Z0-9.!#$%&amp;'^_`{}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$" HelpText="Please enter a valid email address." />
  </Restriction>
</ClaimType>
  1. TrustFrameworkBase.xml 文件中,向the Local Account claims provider添加另一个技术资料,提示输入电子邮件地址。
<TechnicalProfile Id="SelfAsserted-LocalAccountSignin-EmailOnly">
  <DisplayName>Local Account Signin</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
  <Metadata>
    <Item Key="ContentDefinitionReferenceId">api.selfasserted</Item>
  </Metadata>
  <IncludeInSso>false</IncludeInSso>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="signInName" Required="true" />
  </OutputClaims>
  <UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
</TechnicalProfile>
  1. TrustFrameworkBase.xml 文件中,作为编排的第一步,将 SelfAsserted-LocalAccountSignin-EmailOnly 添加到the SignUpOrSignIn user journey
<UserJourney Id="SignUpOrSignIn">
  <OrchestrationSteps>
    <OrchestrationStep Order="1" Type="ClaimsExchange">
      <ClaimsExchanges>
        <ClaimsExchange Id="LocalAccountSigninEmailOnlyExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-EmailOnly" />
      </ClaimsExchanges>
    </OrchestrationStep>
    <OrchestrationStep Order="2" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
      <ClaimsProviderSelections>
        <ClaimsProviderSelection ValidationClaimsExchangeId="LocalAccountSigninEmailExchange" />
      </ClaimsProviderSelections>
      <ClaimsExchanges>
        <ClaimsExchange Id="LocalAccountSigninEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email" />
      </ClaimsExchanges>
    </OrchestrationStep>
    ...
相关问题
最新问题