您的位置: 首页  >  技术问答  >  Azure的AD B2C LinkedIn声称提供商

Azure的AD B2C LinkedIn声称提供商

分类: 技术问答 2022-07-08 19:49:05
问题描述:

我实现了LinkedIn的注册/登录在通过自定义的政策,但是当我点击LinkedinExchange按钮,我得到了用户出行播放器以下异常:Azure的AD B2C LinkedIn声称提供商

An exception was caught when making a request to URL " https://api.linkedin.com/v1/people/~:(id,first-name,last-name,formatted-name,email-address) " using method "Get". The exception status code was "ProtocolError" with the following message: The remote server returned an error: (401) Unauthorized.. The remote server returned an error: (401) Unauthorized.

这里是LinkedIn的ClaimsProvider我说:

<ClaimsProvider> 
    <Domain>linkedin.com</Domain> 
    <DisplayName>Linkedin</DisplayName> 
    <TechnicalProfiles> 
    <TechnicalProfile Id="Linkedin-OAUTH"> 
     <DisplayName>Linkedin</DisplayName> 
     <Protocol Name="OAuth2" /> 
     <Metadata> 
     <Item Key="ProviderName">linkedin</Item> 
     <Item Key="authorization_endpoint">https://www.linkedin.com/oauth/v2/authorization</Item> 
     <Item Key="AccessTokenEndpoint">https://www.linkedin.com/oauth/v2/accessToken</Item> 
     <Item Key="AccessTokenResponseFormat">json</Item> 
     <Item Key="ClaimsEndpoint">https://api.linkedin.com/v1/people/~:(id,first-name,last-name,formatted-name,email-address)?format=json</Item> 
     <Item Key="HttpBinding">POST</Item> 
     <Item Key="UsePolicyInRedirectUri">0</Item> 
     <Item Key="client_id">XXXXXXXXXXXX</Item> 
     </Metadata> 
     <CryptographicKeys> 
     <Key Id="client_secret" StorageReferenceId="B2C_1A_LinkedinSecret" /> 
     </CryptographicKeys> 
     <OutputClaims> 
     <OutputClaim ClaimTypeReferenceId="socialIdpUserId" PartnerClaimType="id" /> 
     <OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="emailAddress" /> 
     <OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="firstName" /> 
     <OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="lastName" /> 
     <OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="formattedName" /> 
     <OutputClaim ClaimTypeReferenceId="identityProvider" DefaultValue="Linkedin" /> 
     <OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="Linkedin" /> 
     </OutputClaims> 
     <OutputClaimsTransformations> 
     <OutputClaimsTransformation ReferenceId="CreateRandomUPNUserName" /> 
     <OutputClaimsTransformation ReferenceId="CreateUserPrincipalName" /> 
     <OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId" /> 
     <OutputClaimsTransformation ReferenceId="CreateSubjectClaimFromAlternativeSecurityId" /> 
     </OutputClaimsTransformations> 
     <UseTechnicalProfileForSessionManagement ReferenceId="SM-SocialLogin" /> 
    </TechnicalProfile> 
    </TechnicalProfiles> 
</ClaimsProvider>

是否有人看到我在做什么错?

+0

尝试增加 oauth2_access_token Saca

+0

非常感谢您,添加该项目解决了问题。现在我想了解需要添加这个Item,因为Linkedin文档说它返回一个'access_token'字段,当我执行API调用时,它确实返回字段'access_token'而不是'oauth2_access_token'。在azure B2C文档中没有任何地方可以看到字段oauth2_access_token ...... –

+0

oauth2指的是使用的协议,而不是字段的名称,但是总体而言,您的反馈是关于点,这个(长定制策略中的其他一些东西)需要更好地记录。 – Saca

为了增加LinkedIn为通过自定义策略在Azure的AD B2C的身份提供者,请确保您有在ClaimsProvider的<Metadata>部分如下条目:

<Item Key="ClaimsEndpointAccessTokenName">oauth2_access_token</Ite‌​m>

相关推荐