Reputation: 197
I am trying to compare 2 claims (one from id_token_hint and one from AD B2C). My requirement is to throw an error page that the 2 do not match and redirect to the login page.
For the same I have added the following steps:
1. Added a ClaimType (boolean for comparison)
<ClaimType Id="agencyClaimMatch">
  <DisplayName>Verify if input Agency and agency in AD B2C match</DisplayName>
  <DataType>boolean</DataType>
  <UserHelpText>Verify if input Agency and agency in AD B2C match</UserHelpText>
</ClaimType>
2. Created a ClaimsTransformation (based on a post) to compare the 2 claims (extension_agency from AD B2C and agency from the input claim of id_token_hint)
<ClaimsTransformation Id="checkSameAgency" TransformationMethod="CompareClaims">
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="extension_agency" TransformationClaimType="inputClaim1"/>
    <InputClaim ClaimTypeReferenceId="agency" TransformationClaimType="inputClaim2"/>
  </InputClaims>
  <InputParameters>
    <InputParameter Id="operator" DataType="string" Value="EQUAL"/>
    <InputParameter Id="ignoreCase" DataType="string" Value="true"/>
  </InputParameters>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="agencyClaimMatch" TransformationClaimType="outputClaim"/>
  </OutputClaims>
</ClaimsTransformation>
3. Added a Technical Profile to invoke the transformation (I am expecting the agencyClaimMatch boolean to get a true or false value based on the transformation; if false, both do not match and I need to throw the error page, else allow access)
<TechnicalProfile Id="CheckAgencyMatch">
  <DisplayName>Check Agency Match</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
  <Metadata>
    <Item Key="RaiseErrorIfClaimsPrincipalDoesNotExist">true</Item>
  </Metadata>
  <IncludeInSso>false</IncludeInSso>
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="agency" Required="true" />
    <InputClaim ClaimTypeReferenceId="extension_agency" Required="true" />
  </InputClaims>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="agency"/>
    <OutputClaim ClaimTypeReferenceId="extension_agency" />
    <OutputClaim ClaimTypeReferenceId="agencyClaimMatch"/>
  </OutputClaims>
  <OutputClaimsTransformations>
    <OutputClaimsTransformation ReferenceId="checkSameAgency"/>
  </OutputClaimsTransformations>
</TechnicalProfile>
4. In the UserJourney I added a ClaimsExchange to get the value of checkSameAgency.
<!--Verify claims match and get the boolean value-->
<OrchestrationStep Order="6" Type="ClaimsExchange">
  <ClaimsExchanges>
    <ClaimsExchange Id="CheckAgencyMatch" TechnicalProfileReferenceId="CheckAgencyMatch"/>
  </ClaimsExchanges>
</OrchestrationStep>
5. If the boolean output checkSameAgency is not "True", that is, both agencies do not match, then throw an error; else move to the next step to issue the JWT token.
<!-- Check if agencyID matches -->
<OrchestrationStep Order="7" Type="ClaimsExchange">
  <Preconditions>
    <!-- ExecuteActionsIf="true": skip the error step when agencyClaimMatch equals True.
         (With ExecuteActionsIf="false" the step would be skipped when the claims do NOT
         match, which inverts the intended behaviour.) -->
    <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
      <Value>agencyClaimMatch</Value>
      <Value>True</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsExchanges>
    <ClaimsExchange Id="SelfAssertedAgencyNotMatched" TechnicalProfileReferenceId="SelfAssertedAgencyNotMatched" />
  </ClaimsExchanges>
</OrchestrationStep>
But I am getting the error "The page cannot be displayed because an internal server error has occurred." regardless of whether the agencies match or not.
Upvotes: 0
Views: 200
Reputation: 46753
<TechnicalProfile Id="CheckAgencyMatch">
<DisplayName>Check Agency Match</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
A SelfAssertedAttributeProvider is only used to display a screen, but you are only comparing claims. It should be
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.ClaimsTransformationProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
Refer to this.
Upvotes: 1