Azure-Samples / ms-identity-python-webapp

A Python web application calling Microsoft Graph that is secured using the Microsoft identity platform
MIT License

Welcome None! #150

Closed DerekCL closed 3 weeks ago

DerekCL commented 3 weeks ago


Issue Description

After creating an account and signing in, I do not get the user name as a part of the context.

Steps to Reproduce

1. Clone the repo on Windows 11 WSL using git version 2.34.1 and Python version 3.12.2.
2. cd to the repo and pip install the dependencies.
3. (Optional) For guidance, review https://learn.microsoft.com/en-us/azure/active-directory-b2c/configure-authentication-sample-python-web-app?tabs=linux for any setup needed Azure account wise.
4. Configure the .env and run through the readme setup needed.
5. Run the app (python -m flask run --host localhost --port 5000).
6. Go through the login / registration flow.
7. You should now be logged in and see the error.

DerekCL commented 3 weeks ago

If we add a bit more debugging info we can see in this block of code

```python
@app.route("/")
@auth.login_required
def index(*, context):
    print(context)
    return render_template(
        "index.html",
        user=context["user"],
        edit_profile_url=auth.get_edit_profile_url(),
        api_endpoint=os.getenv("ENDPOINT"),
        title=f"Flask Web App Sample v{version}",
    )
```

our print statement gives us
{'user': {'ver': '1.0', 'iss': 'https://sssauth.b2clogin.com/d8a7b846-33a4-43e5-8740-24110492286d/v2.0/', 'sub': '478b62b8-5686-4187-b21c-3cd460dfe45f', 'aud': '749a1aef-33b6-4fa9-b5fb-d1c5dfd2cc4c', 'exp': 1717969191, 'nonce': '59eab68abe740b0a0b4ef0d06d476f9c2ba712964b655fbde49f052abaeecc6f', 'iat': 1717965591, 'auth_time': 1717965590, 'tfp': 'B2C_1_sign_up_sign_in', 'nbf': 1717965591}}

this means that in the index.html file

<!DOCTYPE html>

{{ title }}

{{ title }}

Welcome {{ user.get("name") }}!

Topology
{{ title }}

user.get("name") will result in none because there is no name property with user

rayluo commented 3 weeks ago

> our print statement gives us {'user': {'ver': '1.0', 'iss': 'https://sssauth.b2clogin.com/d8a7b846-33a4-43e5-8740-24110492286d/v2.0/', 'sub': '478b62b8-5686-4187-b21c-3cd460dfe45f', 'aud': '749a1aef-33b6-4fa9-b5fb-d1c5dfd2cc4c', 'exp': 1717969191, 'nonce': '59eab68abe740b0a0b4ef0d06d476f9c2ba712964b655fbde49f052abaeecc6f', 'iat': 1717965591, 'auth_time': 1717965590, 'tfp': 'B2C_1_sign_up_sign_in', 'nbf': 1717965591}}
>
> user.get("name") will result in none because there is no name property with user

The "user" object is actually the content inside an ID token. When your ID token contains no human-readable user info, this sample won't be able to display anything readable for you. But, hey, at least the sample did not crash. :-)

You shall look into your setup (in your case, that is B2C) to see how to customize the ID token claims. This doc might help. Further questions need to be sent to other channels such as StackOverflow, where there is a larger B2C audience.
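An added example, not part of the thread or the sample repository: a greeting helper that treats every profile claim in the ID token as optional, so a token like the one printed above renders "Welcome!" instead of "Welcome None!", and that reports which profile claims the user flow left out. The helper names are hypothetical, and the `given_name`, `family_name`, `preferred_username` and `emails` claim names are assumptions about what the tenant may be configured to emit; they do not appear in the issue.

```python
# Added example: ID token claims other than the protocol ones are optional,
# so the view must not assume "name" exists.
PROFILE_CLAIMS = ("name", "given_name", "family_name", "preferred_username", "emails")


def _text(value):
    """Return a stripped non-empty string, or None for anything else."""
    return value.strip() if isinstance(value, str) and value.strip() else None


def display_name(claims):
    """Pick the most readable claim available; None if the token has none."""
    name = _text(claims.get("name"))
    if name:
        return name
    parts = (_text(claims.get("given_name")), _text(claims.get("family_name")))
    full = " ".join(p for p in parts if p)
    if full:
        return full
    username = _text(claims.get("preferred_username"))
    if username:
        return username
    emails = claims.get("emails")  # assumed to be a list of strings when present
    if isinstance(emails, list):
        for entry in emails:
            if _text(entry):
                return _text(entry)
    return None


def missing_profile_claims(claims):
    """List the profile claims absent (or empty) in this token, for diagnosis."""
    return [c for c in PROFILE_CLAIMS if not claims.get(c)]


def greeting(claims):
    name = display_name(claims)
    return f"Welcome {name}!" if name else "Welcome!"


# Claims as printed in the issue, trimmed to a few fields.
ISSUE_CLAIMS = {"ver": "1.0", "sub": "478b62b8-5686-4187-b21c-3cd460dfe45f",
                "tfp": "B2C_1_sign_up_sign_in", "exp": 1717969191}

if __name__ == "__main__":
    print(greeting(ISSUE_CLAIMS), "| missing:", missing_profile_claims(ISSUE_CLAIMS))
```

The display string is for presentation only; `sub` remains the stable identifier for keying user records.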