验证 Azure AD B2C 自定义策略中的电子邮件地址以限制特定域名的最佳方法是什么?

What is the best method to validate the e-mail address in Azure AD B2C custom policy to restrict the particular domain name?

提问人:Gowtham k 提问时间:11/16/2023 最后编辑:James ZGowtham k 更新时间:11/17/2023 访问量:26

问:

我们需要在注册流程中限制用户使用特定域名(例如 gmail.com)的电子邮件地址。对于电子邮件地址验证,我们在自定义策略中使用了正则表达式。

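<ClaimType Id="email">
  <!-- Deny-list check on the email claim: the negative lookahead rejects any
       value whose domain part begins with gmail.com. The other children of this
       ClaimType are not shown in the original post. -->
  <Restriction>
    <!-- Each letter of the blocked domain is written as a two-case character
         class, so the check does not depend on how the user capitalises the
         domain and needs no inline regex flag. The dot is escaped so it matches
         only a literal dot. The local part is matched as [^@]* instead of a
         fixed character list: the previous list omitted characters such as "+",
         so a plus-tagged address at the blocked domain was not caught.
         NOTE(review): there is no end anchor, as in the original, so any domain
         that merely starts with gmail.com is also rejected. -->
    <Pattern RegularExpression="^(?![^@]*@[gG][mM][aA][iI][lL]\.[cC][oO][mM])" HelpText="Please enter an allowed email address." />
  </Restriction>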

但是,当用户在电子邮件验证步骤中输入域名大小写不同的地址时(原帖中的示例地址在本页面上被显示为 [email protected]),该限制会失效,因为正则表达式区分大小写。请提出更好的处理方法。

azure-ad-b2c azure-ad-b2c-custom-policy



答:

0赞 Gowtham k 11/17/2023 #1

我发现了一些具有多个技术配置文件的解决方法。

  1. 用于触发“ChangeCase”声明转换的技术配置文件,将电子邮件地址转换为小写。

     <!-- Lower-cases the email claim in place: the claim is read as inputClaim1,
          passed through ChangeCase with toCase=LOWER, and the result is written
          back to the same email claim. -->
     <ClaimsTransformation Id="ChangeToLower" TransformationMethod="ChangeCase">
       <InputClaims>
         <InputClaim ClaimTypeReferenceId="email" TransformationClaimType="inputClaim1" />
       </InputClaims>
       <InputParameters>
         <InputParameter Id="toCase" DataType="string" Value="LOWER" />
       </InputParameters>
       <OutputClaims>
         <OutputClaim ClaimTypeReferenceId="email" TransformationClaimType="outputClaim" />
       </OutputClaims>
     </ClaimsTransformation>
    

技术配置文件

    <TechnicalProfiles>
     <!-- Claims-transformation technical profile: receives the email claim, runs
          ChangeToLower as an output claims transformation, and returns the email
          claim. The enclosing TechnicalProfiles element is not closed in the
          original post. -->
     <TechnicalProfile Id="TP-ChangeEmailCaseToLower">
       <DisplayName>Check Company validity </DisplayName>
       <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.ClaimsTransformationProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
       <InputClaims>
         <InputClaim ClaimTypeReferenceId="email" />
       </InputClaims>
       <OutputClaims>
         <OutputClaim ClaimTypeReferenceId="email" />
       </OutputClaims>
       <OutputClaimsTransformations>
         <OutputClaimsTransformation ReferenceId="ChangeToLower" />
       </OutputClaimsTransformations>
     </TechnicalProfile>
  1. 用于触发“ParseDomain”声明转换的技术配置文件。

     <!-- Extracts the domain part of the email claim with ParseDomain and stores
          it in the domainName claim, so later steps compare the domain alone
          instead of pattern-matching the whole address. -->
     <ClaimsTransformation Id="SetDomainName" TransformationMethod="ParseDomain">
       <InputClaims>
         <InputClaim ClaimTypeReferenceId="email" TransformationClaimType="emailAddress" />
       </InputClaims>
       <OutputClaims>
         <OutputClaim ClaimTypeReferenceId="domainName" TransformationClaimType="domain" />
       </OutputClaims>
     </ClaimsTransformation>
    
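      <!-- Claims-transformation technical profile that runs SetDomainName: reads
           the email claim and returns domainName. The Protocol element was
           missing here although the sibling profiles in this answer declare it;
           a profile without a protocol (and without an included base profile)
           cannot invoke the claims-transformation provider. The Id spelling
           "Domian" is kept because the ValidationTechnicalProfile list refers to
           this profile by that exact Id. -->
      <TechnicalProfile Id="TP-ParseDomianName">
        <DisplayName>Unit test</DisplayName>
        <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.ClaimsTransformationProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
        <InputClaims>
          <InputClaim ClaimTypeReferenceId="email" />
        </InputClaims>
        <OutputClaims>
          <OutputClaim ClaimTypeReferenceId="domainName" />
        </OutputClaims>
        <OutputClaimsTransformations>
          <OutputClaimsTransformation ReferenceId="SetDomainName" />
        </OutputClaimsTransformations>
      </TechnicalProfile>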
    
  2. 将 domainName 声明与值“gmail.com”进行比较

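    <!-- Compares domainName with the blocked domain, ignoring case, and writes
         the boolean result to isDomainMatches. Because the operator is
         "not equal", isDomainMatches is true when the domain is NOT the blocked
         one, i.e. true means the address is allowed (the claim name reads the
         other way round). The original snippet stopped after the ignoreCase
         parameter; the closing InputParameters tag, the OutputClaims section and
         the closing ClaimsTransformation tag are restored so the result reaches
         the isDomainMatches claim that the later profiles read.
         NOTE(review): a single literal domain is compared here; confirm with the
         requirement owner whether other domains that deliver to the same
         mailboxes must be blocked as well. -->
    <ClaimsTransformation Id="CompareEmailCalimToValue" TransformationMethod="CompareClaimToValue">
      <InputClaims>
        <InputClaim ClaimTypeReferenceId="domainName" TransformationClaimType="inputClaim1" />
      </InputClaims>
      <InputParameters>
        <InputParameter Id="compareTo" DataType="string" Value="gmail.com" />
        <!-- Kept on one line: a line break inside an attribute value is turned
             into spaces by the parser, so the wrapped form would no longer be
             the plain two-word operator. -->
        <InputParameter Id="operator" DataType="string" Value="not equal" />
        <InputParameter Id="ignoreCase" DataType="string" Value="true" />
      </InputParameters>
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="isDomainMatches" TransformationClaimType="compareResult" />
      </OutputClaims>
    </ClaimsTransformation>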
    
     <!-- Claims-transformation technical profile that runs
          CompareEmailCalimToValue: takes domainName as input and returns the
          isDomainMatches claim. -->
     <TechnicalProfile Id="TP-ParseDomianNameClaimCheck">
       <DisplayName>Unit test</DisplayName>
       <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.ClaimsTransformationProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
       <InputClaims>
         <InputClaim ClaimTypeReferenceId="domainName" />
       </InputClaims>
       <OutputClaims>
         <OutputClaim ClaimTypeReferenceId="isDomainMatches" />
       </OutputClaims>
       <OutputClaimsTransformations>
         <OutputClaimsTransformation ReferenceId="CompareEmailCalimToValue" />
       </OutputClaimsTransformations>
     </TechnicalProfile>
    
  3. 断言 BooleanClaim(isDomainMatches) IsEqual To Value

     <!-- Asserts that isDomainMatches equals true. When the claim holds any other
          value the assertion fails, which is what stops the sign-up for a blocked
          domain. -->
     <ClaimsTransformation Id="AssertEmailDomainIsTrue" TransformationMethod="AssertBooleanClaimIsEqualToValue">
       <InputClaims>
         <InputClaim ClaimTypeReferenceId="isDomainMatches" TransformationClaimType="inputClaim" />
       </InputClaims>
       <InputParameters>
         <InputParameter Id="valueToCompareTo" DataType="boolean" Value="true" />
       </InputParameters>
     </ClaimsTransformation>
    
    
    
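       <!-- Claims-transformation technical profile that runs the
            AssertEmailDomainIsTrue assertion. ComparisonResult is declared as an
            output claim with a default of false; the assertion itself reads only
            isDomainMatches. SM-Noop is referenced for session management and is
            defined outside this snippet. The closing TechnicalProfile tag was
            missing in the original post and is restored here. -->
       <TechnicalProfile Id="Example-AssertBoolean">
         <DisplayName>Unit test</DisplayName>
         <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.ClaimsTransformationProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
         <OutputClaims>
           <OutputClaim ClaimTypeReferenceId="ComparisonResult" DefaultValue="false" />
         </OutputClaims>
         <OutputClaimsTransformations>
           <OutputClaimsTransformation ReferenceId="AssertEmailDomainIsTrue" />
         </OutputClaimsTransformations>
         <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
       </TechnicalProfile>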
    

使用 ValidationTechnicalProfile

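   <!-- Self-asserted sign-up profile. The four domain-check validation profiles
        are listed before AAD-UserWriteUsingLogonEmail and each has
        ContinueOnError="false", so a failed domain check ends validation before
        the directory write is reached. Keep that order when editing the list. -->
   <TechnicalProfile Id="LocalAccountSignUpWithLogonEmail">
     <Metadata>
       <Item Key="IpAddressClaimReferenceId">IpAddress</Item>
       <Item Key="ContentDefinitionReferenceId">api.localaccountsignup</Item>
       <!-- Text shown to the user when the boolean assertion in the validation
            chain does not hold. -->
       <Item Key="UserMessageIfClaimsTransformationBooleanValueIsNotEqual">The Montgomery County work E-Address are not accepted.</Item>
     </Metadata>
     <!-- ... remaining elements of this profile are omitted in the original post ... -->
     <ValidationTechnicalProfiles>
       <ValidationTechnicalProfile ReferenceId="TP-ChangeEmailCaseToLower" ContinueOnError="false" />
       <ValidationTechnicalProfile ReferenceId="TP-ParseDomianName" ContinueOnError="false" />
       <ValidationTechnicalProfile ReferenceId="TP-ParseDomianNameClaimCheck" ContinueOnError="false" />
       <ValidationTechnicalProfile ReferenceId="Example-AssertBoolean" ContinueOnError="false" />
       <!-- This element was left unclosed in the original post, which made the
            fragment malformed XML; it is self-closed here. -->
       <ValidationTechnicalProfile ReferenceId="AAD-UserWriteUsingLogonEmail" />
     </ValidationTechnicalProfiles>
   </TechnicalProfile>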