Azure-Samples / active-directory-b2c-advanced-policies

Sample for use with Azure AD B2C with Custom Policies.
http://aka.ms/aadb2ccustom
MIT License

Clarification for WeChat custom authentication #43

Open fjferdiez opened 5 years ago

fjferdiez commented 5 years ago

Hello, I am setting up a WeChat custom provider. Up to now I have followed the WeChat documentation available here:

WeChat Docs in English

And Azure Docs:

Define an OAuth2 Technical Profile

I also set up Application Insights for debugging:

I am getting this error:

Exception | {"Kind":"Handled","HResult":"80070057","Message":"The value must not be null or white space.\r\nParameter name: key","Data":{}}
-- | --
Data | {}
HResult | 80070057
Kind | Handled
Message | The value must not be null or white space. Parameter name: key

I am not very clear about which step might be failing; the main log of the user flow says on the last step:

31 | {"Kind":"HandlerResult","Content":{"Result":true,"RecorderRecord":{"Values":[{"Key":"SendingRequest","Value":"WechatExchange"}]}}}
-- | --
Content | {"Result":true,"RecorderRecord":{"Values":[{"Key":"SendingRequest","Value":"WechatExchange"}]}}
RecorderRecord | {"Values":[{"Key":"SendingRequest","Value":"WechatExchange"}]}
Values | [{"Key":"SendingRequest","Value":"WechatExchange"}]
0 | {"Key":"SendingRequest","Value":"WechatExchange"}
Key | SendingRequest
Value | WechatExchange

My technical profile looks like this:

    <ClaimsProvider>
      <Domain>weixin.qq.com</Domain>
      <DisplayName>WeChat</DisplayName>
      <TechnicalProfiles>
        <TechnicalProfile Id="WeChat-OAUTH">
          <!-- The text in the following DisplayName element is shown to the user on the claims provider 
               selection screen. -->
          <DisplayName>WeChat</DisplayName>
          <Protocol Name="OAuth2" />
          <Metadata>
            <Item Key="ProviderName">wechat</Item>
            <Item Key="authorization_endpoint">https://open.weixin.qq.com/connect/qrconnect</Item>
            <Item Key="AccessTokenEndpoint">https://api.weixin.qq.com/sns/oauth2/access_token</Item>
            <Item Key="ClaimsEndpoint">https://api.weixin.qq.com/sns/userinfo</Item>
            <Item Key="HttpBinding">GET</Item>
            <Item Key="scope">snsapi_login</Item>
            <Item Key="UsePolicyInRedirectUri">0</Item>
            <Item Key="client_id">my_clientid</Item>
            <Item Key="AdditionalRequestQueryParameters">appid=my_clientid,secret=my_secret</Item>
            <Item Key="ClaimsEndpointAccessTokenName">access_token</Item>
            <Item Key="ExtraParamsInAccessTokenEndpointResponse">openid</Item>
            <Item Key="AccessTokenResponseFormat">json</Item>
            <Item Key="ClaimsEndpointFormat">json</Item>
          </Metadata>
          <CryptographicKeys>
            <Key Id="client_secret" StorageReferenceId="B2C_1A_WXSecret" />
          </CryptographicKeys>
          <InputClaims>
            <InputClaim ClaimTypeReferenceId="appid" DefaultValue="my_clientid" />
          </InputClaims>
          <OutputClaims>
            <OutputClaim ClaimTypeReferenceId="socialIdpUserId" PartnerClaimType="unionid" DefaultValue="wechatuser"/>
            <OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="nickname"/>
            <OutputClaim ClaimTypeReferenceId="identityProvider" DefaultValue="weixin.qq.com" />
            <OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="socialIdpAuthentication" />
          </OutputClaims>
          <OutputClaimsTransformations>
            <OutputClaimsTransformation ReferenceId="CreateRandomUPNUserName" />
            <OutputClaimsTransformation ReferenceId="CreateUserPrincipalName" />
            <OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId" />
            <OutputClaimsTransformation ReferenceId="CreateSubjectClaimFromAlternativeSecurityId"/>
          </OutputClaimsTransformations>
          <UseTechnicalProfileForSessionManagement ReferenceId="SM-SocialLogin" />
        </TechnicalProfile>
      </TechnicalProfiles>
    </ClaimsProvider>

Many thanks in advance for any helpful hint or help you can provide.
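
A check a reviewer could run over a policy file before it is committed or uploaded, as an added example that is not part of the original post or of the sample repository: it flags secret-looking parameters written into `Metadata` items, which sit as plain text in the policy XML, and lists the policy keys the same profile already references under `CryptographicKeys`. The `SECRET_NAME` pattern, the function names and the trimmed sample policy are assumptions made for this example.

```python
import re
import xml.etree.ElementTree as ET

# Parameter names treated as secret-bearing (assumption for this example; extend as needed).
SECRET_NAME = re.compile(r"secret|password|passwd|api[_-]?key", re.I)

# Constructed sample: trimmed copy of the profile in the post, placeholder values kept.
SAMPLE_POLICY = """
<ClaimsProvider>
  <TechnicalProfiles>
    <TechnicalProfile Id="WeChat-OAUTH">
      <Metadata>
        <Item Key="client_id">my_clientid</Item>
        <Item Key="AdditionalRequestQueryParameters">appid=my_clientid,secret=my_secret</Item>
        <Item Key="ClaimsEndpointAccessTokenName">access_token</Item>
      </Metadata>
      <CryptographicKeys>
        <Key Id="client_secret" StorageReferenceId="B2C_1A_WXSecret" />
      </CryptographicKeys>
    </TechnicalProfile>
  </TechnicalProfiles>
</ClaimsProvider>
"""

def local(tag):
    """Drop an XML namespace prefix so namespaced policy files parse the same way."""
    return tag.rsplit("}", 1)[-1]

def find_inline_secrets(policy_xml):
    """Return (profile_id, item_key, parameter, key_refs) per secret found in Metadata."""
    findings = []
    root = ET.fromstring(policy_xml)
    for tp in (e for e in root.iter() if local(e.tag) == "TechnicalProfile"):
        # Policy keys this profile already references through CryptographicKeys.
        key_refs = [k.get("StorageReferenceId") for k in tp.iter() if local(k.tag) == "Key"]
        for item in (e for e in tp.iter() if local(e.tag) == "Item"):
            key, value = item.get("Key", ""), (item.text or "").strip()
            if SECRET_NAME.search(key) and value:
                findings.append((tp.get("Id"), key, key, key_refs))
            # Comma-separated name=value lists, as in AdditionalRequestQueryParameters.
            for pair in value.split(","):
                name, sep, val = pair.partition("=")
                if sep and val and SECRET_NAME.search(name):
                    findings.append((tp.get("Id"), key, name.strip(), key_refs))
    return findings

if __name__ == "__main__":
    for profile, item, param, refs in find_inline_secrets(SAMPLE_POLICY):
        print(f"{profile}: Metadata '{item}' has '{param}' in clear text; key refs: {refs}")
```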