azuread oauth redirect_uri查询参数

Question

是否可以将自定义查询参数添加到AzureAD OAuth流的redirect_uri中？

我们已经尝试过，但是当OAuth流重定向回redirect_uri时，我们添加的任何查询参数都已被剥离。我想知道是否有一种方法来配置AzureAD应用程序来保持这种自定义查询参数

Answer 1

是否可以将自定义查询参数添加到AzureAD OAuth流的redirect_uri？

是的，如果您将Azure AD与OWIN集成，则很容易添加自定义查询参数。这个问题也被讨论here，这是供你参考代码示例：

在Startup.Auth.cs，设置如下面的OpenIdConnectAuthenticationOptions：

app.UseOpenIdConnectAuthentication(
    new OpenIdConnectAuthenticationOptions 
    { 
    //... 
    Notifications = new OpenIdConnectAuthenticationNotifications 
    { 
     RedirectToIdentityProvider = OnRedirectToIdentityProvider, 
     MessageReceived = OnMessageReceived 
    }, 
    }); 

注入的自定义参数使用RedirectToIdentityProvider：

private Task OnRedirectToIdentityProvider(RedirectToIdentityProviderNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification) 
{ 
    var stateQueryString = notification.ProtocolMessage.State.Split('='); 
    var protectedState = stateQueryString[1]; 
    var state = notification.Options.StateDataFormat.Unprotect(protectedState); 
    state.Dictionary.Add("mycustomparameter", "myvalue"); 
    notification.ProtocolMessage.State = stateQueryString[0] + "=" + notification.Options.StateDataFormat.Protect(state); 
    return Task.FromResult(0); 
} 

然后使用的messageReceived将其解压：

private Task OnMessageReceived(MessageReceivedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification) 
{ 
    string mycustomparameter; 
    var protectedState = notification.ProtocolMessage.State.Split('=')[1]; 
    var state = notification.Options.StateDataFormat.Unprotect(protectedState); 
    state.Dictionary.TryGetValue("mycustomparameter", out mycustomparameter); 
    return Task.FromResult(0); 
}