Pass custom parameter during authentication with Azure B2C

I'm setting up Sitecore 10 to authenticate our external users with Microsoft Azure B2C. The authentication pipeline is up and running. During the user's sign-up process, I would like to be able to send a dynamic piece of data (user-inputted) to the authentication pipeline.

My issue is that I am not able to figure out how to pass data from the user page to the authentication pipeline.

The controller action that initiates the Azure B2C call creates a GetSignInUrlInfoArgs and calls the pipeline. I've tried to add data to the CustomData; however, the CustomData in the pipeline is always empty when I check it.

The pipeline is derived from IdentityProvidersProcessor and is using UseOpenIdConnectAuthentication.  I was trying to get the CustomData while in the events of OpenIdConnectAuthenticationNotifications, but the CustomData is still empty.

Here is how I initiate the process.  The "SSO" view posts to the URL given to it.

    private ActionResult InitiateAzureB2CFlow(string identityProvider)
    {
        var returnUrl = WebUtil.GetQueryString("returnUrl");
        GetSignInUrlInfoArgs args = new GetSignInUrlInfoArgs("website", returnUrl);

        // not available in pipeline
        args.CustomData.Add("memberId", "123");

        GetSignInUrlInfoPipeline.Run(this.CorePipelineManager, args);

        var redirectToIdp = args.Result.First(x => x.IdentityProvider.Equals(identityProvider)).Href;
        var viewModel = new SsoViewModel
        {
            SsoUrl = redirectToIdp
        };
        return View("Sso", viewModel);
    }

Here is code from the pipeline

    public abstract class AzureB2CIdentityProviderBaseProcessor : IdentityProvidersProcessor
    {
        ...

        protected override void ProcessCore(IdentityProvidersArgs args)
        {
            args.App.UseOpenIdConnectAuthentication(CreateOptionsFromSiteConfig(this.PolicyId));
        }

        private OpenIdConnectAuthenticationOptions CreateOptionsFromSiteConfig(string policyId)
        {
            OpenIdConnectAuthenticationOptions options = new OpenIdConnectAuthenticationOptions();
            var identityProvider = GetIdentityProvider();
            options.MetadataAddress = String.Format(WellKnownMetadata, Tenant, policyId);
            options.AuthenticationType = GetAuthenticationType();
            options.AuthenticationMode = AuthenticationMode.Passive;
            options.RedirectUri = RedirectUri;
            options.PostLogoutRedirectUri = RedirectUri;
            options.TokenValidationParameters = new TokenValidationParameters
            {
                NameClaimType = "name",
                ValidateIssuer = false
            };
            options.Notifications = new OpenIdConnectAuthenticationNotifications()
            {
                AuthenticationFailed = OnAuthenticationFailed,
                RedirectToIdentityProvider = OnRedirectToIdentityProvider,
                SecurityTokenValidated = OnSecurityTokenValidated,
                AuthorizationCodeReceived = OnAuthorizationCodeReceived,
                MessageReceived = OnMessageReceived
            };

            options.ClientId = ClientId;
            options.Scope = "openid";
            options.ResponseType = "id_token";
            return options;
        }

        // Tried getting the data from different locations, but this is the basic idea
        protected virtual Task OnRedirectToIdentityProvider(RedirectToIdentityProviderNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification)
        {
            if (this.Args.CustomData != null)
            {
                // Always empty
                _logger.Debug("CustomData:" + JsonConvert.SerializeObject(this.Args.CustomData));
            }
            return Task.FromResult(0);
        }
    }