From 5e74d4b60602f284345073417ed04abbfeae4cb6 Mon Sep 17 00:00:00 2001
From: Dawid Pastuszka
Date: Wed, 22 Nov 2023 15:17:30 +0100
Subject: [PATCH 01/12] Add Custom policies same as current b2c user flows
---
LocalAccounts/DP/PasswordReset.xml | 168 ++++++++++++++++++
LocalAccounts/DP/ProfileEditing.xml | 218 +++++++++++++++++++++++
LocalAccounts/DP/SignUpOrSignin.xml | 261 ++++++++++++++++++++++++++++
3 files changed, 647 insertions(+)
create mode 100644 LocalAccounts/DP/PasswordReset.xml
create mode 100644 LocalAccounts/DP/ProfileEditing.xml
create mode 100644 LocalAccounts/DP/SignUpOrSignin.xml
diff --git a/LocalAccounts/DP/PasswordReset.xml b/LocalAccounts/DP/PasswordReset.xml
new file mode 100644
index 0000000..d029abb
--- /dev/null
+++ b/LocalAccounts/DP/PasswordReset.xml
@@ -0,0 +1,168 @@ + + + vanityb2cpoc.onmicrosoft.com + base-v1 + + + + + string + + + + string + + + + + + ~/tenant/templates/AzureBlue/exception.cshtml + urn:com:microsoft:aad:b2c:elements:contract:globalexception:1.2.6 + + azureBlue + + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.6 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + ~/tenant/templates/AzureBlue/multifactor-1.0.0.cshtml + urn:com:microsoft:aad:b2c:elements:contract:multifactor:1.2.15 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + + + + Azure Active Directory + + + + + + + + + + + + + Evaluate Block User For GDPR + + + + + + + + + + + + + + + PhoneFactor + + + Always + + + OnClaimsExistence + + + + + Self Asserted + + + + + + + + + + + + + Token Issuer + + + + 3600 + 3600 + 1209600 + 7776000 + AuthorityAndTenantGuid + None + + + + + + + + + + + + + + + + + + + + Rolling + 86400 + + + PolicyProfile + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/LocalAccounts/DP/ProfileEditing.xml b/LocalAccounts/DP/ProfileEditing.xml new file mode 100644 index 0000000..00f96da --- /dev/null +++ b/LocalAccounts/DP/ProfileEditing.xml 
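Review bot: The two content definitions that load `~/tenant/templates/AzureBlue/selfAsserted.cshtml` pin the page contract `urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0`, while every other self-asserted definition in this file uses `selfasserted:2.1.29`. A pinned older page layout does not pick up later fixes to the hosted page, so if this file is meant to be maintained rather than kept as a snapshot of the user flow, align them on `urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29` or add a comment saying why the older contract is kept. The same mix of versions appears in the ProfileEditing.xml and SignUpOrSignin.xml hunks of this patch. The element markup is stripped on this page, so which definitions these are cannot be read from the hunk.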
@@ -0,0 +1,218 @@ + + + vanityb2cpoc.onmicrosoft.com + base-v1 + + + + + string + + + + string + + + + + + ~/tenant/templates/AzureBlue/exception.cshtml + urn:com:microsoft:aad:b2c:elements:contract:globalexception:1.2.6 + + azureBlue + + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:unifiedssp:2.1.17 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.6 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/multifactor-1.0.0.cshtml + urn:com:microsoft:aad:b2c:elements:contract:multifactor:1.2.15 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + + + + Azure Active Directory + + + + + + + + + + + + + + + + + + + + + Evaluate Block User For GDPR + + + + + + + + + + + + + + + PhoneFactor + + + Always + + + OnClaimsExistence + + + + + Self Asserted + + + + + + + + + 
+ + + + + + + + + + + + + + + + Token Issuer + + + + 3600 + 3600 + 1209600 + 7776000 + AuthorityAndTenantGuid + None + + + + + + + + + + + + + + + + + + + + Rolling + 86400 + + + PolicyProfile + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/LocalAccounts/DP/SignUpOrSignin.xml b/LocalAccounts/DP/SignUpOrSignin.xml new file mode 100644 index 0000000..eff2591 --- /dev/null +++ b/LocalAccounts/DP/SignUpOrSignin.xml 
@@ -0,0 +1,261 @@ + + + vanityb2cpoc.onmicrosoft.com + base-v1 + + + + + string + + + + string + + + + + + ~/tenant/templates/AzureBlue/exception.cshtml + urn:com:microsoft:aad:b2c:elements:contract:globalexception:1.2.6 + + azureBlue + + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:unifiedssp:2.1.17 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.6 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/multifactor-1.0.0.cshtml + 
urn:com:microsoft:aad:b2c:elements:contract:multifactor:1.2.15 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + + + + AAD SSPR + + + Always + + + Always + + + + + Azure Active Directory + + + + + + + + + + + + + + + + + + + + + Evaluate Block User For GDPR + + + + + + + + + + + + + + + + One time password technical profiles + + + Never + + + Never + + + + + PhoneFactor + + + Always + + + OnClaimsExistence + + + + + Self Asserted + + + + + + + + + + + + + + + + + + + + + + + + + + + + Token Issuer + + + + 3600 + 3600 + 1209600 + 7776000 + AuthorityAndTenantGuid + None + + + + + + + + + + + + + + + + + + + + Rolling + 86400 + + + PolicyProfile + + + + + + + + + + + + + + + + \ No newline at end of file From 72655bb55924c8a4714f00102ead0a21d5fb4ac6 Mon Sep 17 00:00:00 2001 From: Dawid Pastuszka Date: Wed, 22 Nov 2023 15:21:24 +0100 Subject: [PATCH 02/12] DP > Change protocol to oauth2 --- LocalAccounts/DP/PasswordReset.xml | 2 +- LocalAccounts/DP/ProfileEditing.xml | 2 +- LocalAccounts/DP/SignUpOrSignin.xml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/LocalAccounts/DP/PasswordReset.xml b/LocalAccounts/DP/PasswordReset.xml index d029abb..47fd875 100644 --- a/LocalAccounts/DP/PasswordReset.xml +++ b/LocalAccounts/DP/PasswordReset.xml @@ -151,7 +151,7 @@ PolicyProfile - + diff --git a/LocalAccounts/DP/ProfileEditing.xml b/LocalAccounts/DP/ProfileEditing.xml index 00f96da..cdb394c 100644 --- a/LocalAccounts/DP/ProfileEditing.xml +++ b/LocalAccounts/DP/ProfileEditing.xml @@ -201,7 +201,7 @@ PolicyProfile - + diff --git a/LocalAccounts/DP/SignUpOrSignin.xml b/LocalAccounts/DP/SignUpOrSignin.xml index eff2591..499a79e 100644 --- a/LocalAccounts/DP/SignUpOrSignin.xml +++ b/LocalAccounts/DP/SignUpOrSignin.xml @@ -243,7 +243,7 @@ PolicyProfile - + From fb2c283309c3aa32546fe0b400bc2991f97067c4 Mon Sep 17 00:00:00 2001 
From: Dawid Pastuszka Date: Wed, 22 Nov 2023 15:24:56 +0100 Subject: [PATCH 03/12] Add oauth2 to local accounts protocol --- LocalAccounts/PasswordReset.xml | 2 +- LocalAccounts/ProfileEdit.xml | 2 +- LocalAccounts/SignUpOrSignin.xml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/LocalAccounts/PasswordReset.xml b/LocalAccounts/PasswordReset.xml index a93a37e..1617df8 100644 --- a/LocalAccounts/PasswordReset.xml +++ b/LocalAccounts/PasswordReset.xml @@ -17,7 +17,7 @@ PolicyProfile - + diff --git a/LocalAccounts/ProfileEdit.xml b/LocalAccounts/ProfileEdit.xml index 4d2f96c..6f384b8 100644 --- a/LocalAccounts/ProfileEdit.xml +++ b/LocalAccounts/ProfileEdit.xml @@ -17,7 +17,7 @@ PolicyProfile - + diff --git a/LocalAccounts/SignUpOrSignin.xml b/LocalAccounts/SignUpOrSignin.xml index 531c606..1fecae6 100644 --- a/LocalAccounts/SignUpOrSignin.xml +++ b/LocalAccounts/SignUpOrSignin.xml @@ -21,7 +21,7 @@ PolicyProfile - + From 89ff7d5c0a3df6616209bbb8c30c43df95d602c1 Mon Sep 17 00:00:00 2001 From: Dawid Pastuszka Date: Wed, 22 Nov 2023 15:26:32 +0100 Subject: [PATCH 04/12] Add tenant name to local accounts template --- LocalAccounts/PasswordReset.xml | 6 +++--- LocalAccounts/ProfileEdit.xml | 6 +++--- LocalAccounts/SignUpOrSignin.xml | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/LocalAccounts/PasswordReset.xml b/LocalAccounts/PasswordReset.xml index 1617df8..3b8e7bd 100644 --- a/LocalAccounts/PasswordReset.xml +++ b/LocalAccounts/PasswordReset.xml 
@@ -4,12 +4,12 @@ xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" - TenantId="yourtenant.onmicrosoft.com" + TenantId="vanityb2cpoc.onmicrosoft.com" PolicyId="B2C_1A_PasswordReset" - PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_PasswordReset"> + PublicPolicyUri="http://vanityb2cpoc.onmicrosoft.com/B2C_1A_PasswordReset"> - yourtenant.onmicrosoft.com + vanityb2cpoc.onmicrosoft.com B2C_1A_TrustFrameworkExtensions diff --git a/LocalAccounts/ProfileEdit.xml b/LocalAccounts/ProfileEdit.xml index 6f384b8..2f0c0bd 100644 --- a/LocalAccounts/ProfileEdit.xml +++ b/LocalAccounts/ProfileEdit.xml @@ -4,12 +4,12 @@ xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" - TenantId="yourtenant.onmicrosoft.com" + TenantId="vanityb2cpoc.onmicrosoft.com" PolicyId="B2C_1A_ProfileEdit" - PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_ProfileEdit"> + PublicPolicyUri="http://vanityb2cpoc.onmicrosoft.com/B2C_1A_ProfileEdit"> - yourtenant.onmicrosoft.com + vanityb2cpoc.onmicrosoft.com B2C_1A_TrustFrameworkExtensions diff --git a/LocalAccounts/SignUpOrSignin.xml b/LocalAccounts/SignUpOrSignin.xml index 1fecae6..6a481d9 100644 --- a/LocalAccounts/SignUpOrSignin.xml +++ b/LocalAccounts/SignUpOrSignin.xml @@ -4,12 +4,12 @@ xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" - TenantId="yourtenant.onmicrosoft.com" + TenantId="vanityb2cpoc.onmicrosoft.com" PolicyId="B2C_1A_signup_signin" - PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_signup_signin"> + PublicPolicyUri="http://vanityb2cpoc.onmicrosoft.com/B2C_1A_signup_signin"> - yourtenant.onmicrosoft.com + vanityb2cpoc.onmicrosoft.com B2C_1A_TrustFrameworkExtensions From 22f3ba2cb4ad39ebc98ba16ef1be1d1c05ba187c Mon Sep 17 00:00:00 2001 
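Review bot: The shared starter templates now carry the concrete tenant `vanityb2cpoc.onmicrosoft.com` in `TenantId`, `PublicPolicyUri` and the base-policy reference, in this hunk, in the ProfileEdit.xml and SignUpOrSignin.xml hunks of the same patch, and in the three framework files of patch 05. Keeping `TenantId="yourtenant.onmicrosoft.com"` in the templates and substituting the tenant when the policies are uploaded would let the same files be deployed to more than one tenant and would avoid a policy written for one environment being uploaded to another by mistake. Patch 08 later adds tenant-specific copies under VANITY_CUSTOM_B2C, which looks like the better home for these values. If the in-place edit is intended, a comment such as `<!-- tenant-specific: vanityb2cpoc PoC, do not reuse as template -->` at the top of each file would make that explicit.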
From: Dawid Pastuszka Date: Wed, 22 Nov 2023 15:29:35 +0100 Subject: [PATCH 05/12] Add tenant name to local accounts framework --- LocalAccounts/TrustFrameworkBase.xml | 4 ++-- LocalAccounts/TrustFrameworkExtensions.xml | 6 +++--- LocalAccounts/TrustFrameworkLocalization.xml | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/LocalAccounts/TrustFrameworkBase.xml b/LocalAccounts/TrustFrameworkBase.xml index 6a61ffb..644c8c4 100644 --- a/LocalAccounts/TrustFrameworkBase.xml +++ b/LocalAccounts/TrustFrameworkBase.xml @@ -4,9 +4,9 @@ xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" - TenantId="yourtenant.onmicrosoft.com" + TenantId="vanityb2cpoc.onmicrosoft.com" PolicyId="B2C_1A_TrustFrameworkBase" - PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_TrustFrameworkBase"> + PublicPolicyUri="http://vanityb2cpoc.onmicrosoft.com/B2C_1A_TrustFrameworkBase"> diff --git a/LocalAccounts/TrustFrameworkExtensions.xml b/LocalAccounts/TrustFrameworkExtensions.xml index 7eedb70..01ade24 100644 --- a/LocalAccounts/TrustFrameworkExtensions.xml +++ b/LocalAccounts/TrustFrameworkExtensions.xml @@ -4,12 +4,12 @@ xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" - TenantId="yourtenant.onmicrosoft.com" + TenantId="vanityb2cpoc.onmicrosoft.com" PolicyId="B2C_1A_TrustFrameworkExtensions" - PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_TrustFrameworkExtensions"> + PublicPolicyUri="http://vanityb2cpoc.onmicrosoft.com/B2C_1A_TrustFrameworkExtensions"> - yourtenant.onmicrosoft.com + vanityb2cpoc.onmicrosoft.com B2C_1A_TrustFrameworkLocalization diff --git a/LocalAccounts/TrustFrameworkLocalization.xml b/LocalAccounts/TrustFrameworkLocalization.xml index 09ebcf8..1d971b4 100644 --- a/LocalAccounts/TrustFrameworkLocalization.xml +++ b/LocalAccounts/TrustFrameworkLocalization.xml 
@@ -4,12 +4,12 @@ xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" - TenantId="yourtenant.onmicrosoft.com" + TenantId="vanityb2cpoc.onmicrosoft.com" PolicyId="B2C_1A_TrustFrameworkLocalization" - PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_TrustFrameworkLocalization"> + PublicPolicyUri="http://vanityb2cpoc.onmicrosoft.com/B2C_1A_TrustFrameworkLocalization"> - yourtenant.onmicrosoft.com + vanityb2cpoc.onmicrosoft.com B2C_1A_TrustFrameworkBase From aec9f06823c9d3bf983047e560905bec115cfa12 Mon Sep 17 00:00:00 2001 From: Dawid Pastuszka Date: Wed, 22 Nov 2023 15:42:01 +0100 Subject: [PATCH 06/12] Revert "Add oauth2 to local accounts protocol" This reverts commit fb2c283309c3aa32546fe0b400bc2991f97067c4. --- LocalAccounts/PasswordReset.xml | 2 +- LocalAccounts/ProfileEdit.xml | 2 +- LocalAccounts/SignUpOrSignin.xml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/LocalAccounts/PasswordReset.xml b/LocalAccounts/PasswordReset.xml index 3b8e7bd..0bfaf33 100644 --- a/LocalAccounts/PasswordReset.xml +++ b/LocalAccounts/PasswordReset.xml @@ -17,7 +17,7 @@ PolicyProfile - + diff --git a/LocalAccounts/ProfileEdit.xml b/LocalAccounts/ProfileEdit.xml index 2f0c0bd..d750351 100644 --- a/LocalAccounts/ProfileEdit.xml +++ b/LocalAccounts/ProfileEdit.xml @@ -17,7 +17,7 @@ PolicyProfile - + diff --git a/LocalAccounts/SignUpOrSignin.xml b/LocalAccounts/SignUpOrSignin.xml index 6a481d9..9edd777 100644 --- a/LocalAccounts/SignUpOrSignin.xml +++ b/LocalAccounts/SignUpOrSignin.xml @@ -21,7 +21,7 @@ PolicyProfile - + From fa6ec764b185e0ce1e1fac95d9b75cd86a221f94 Mon Sep 17 00:00:00 2001 
From: Dawid Pastuszka Date: Fri, 24 Nov 2023 13:52:44 +0100 Subject: [PATCH 07/12] Add Vanity Userflow XML files --- Vanity_Userflow/B2C_1_PasswordReset.xml | 168 +++++++++++++++ Vanity_Userflow/B2C_1_ProfileEditing.xml | 220 +++++++++++++++++++ Vanity_Userflow/B2C_1_SigninSignout.xml | 263 +++++++++++++++++++++++ 3 files changed, 651 insertions(+) create mode 100644 Vanity_Userflow/B2C_1_PasswordReset.xml create mode 100644 Vanity_Userflow/B2C_1_ProfileEditing.xml create mode 100644 Vanity_Userflow/B2C_1_SigninSignout.xml diff --git a/Vanity_Userflow/B2C_1_PasswordReset.xml b/Vanity_Userflow/B2C_1_PasswordReset.xml new file mode 100644 index 0000000..d029abb --- /dev/null +++ b/Vanity_Userflow/B2C_1_PasswordReset.xml 
@@ -0,0 +1,168 @@ + + + vanityb2cpoc.onmicrosoft.com + base-v1 + + + + + string + + + + string + + + + + + ~/tenant/templates/AzureBlue/exception.cshtml + urn:com:microsoft:aad:b2c:elements:contract:globalexception:1.2.6 + + azureBlue + + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.6 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + ~/tenant/templates/AzureBlue/multifactor-1.0.0.cshtml + urn:com:microsoft:aad:b2c:elements:contract:multifactor:1.2.15 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + + + + Azure Active Directory + + + + + + + + + + + + + Evaluate Block User For GDPR + + + + + + + + + + + + + + + PhoneFactor + + + Always + + + OnClaimsExistence + + + + + Self Asserted + + + + + + + + + + + + + Token Issuer + + + + 3600 + 3600 + 1209600 + 7776000 + AuthorityAndTenantGuid + None + + + + + + + + + + + + + + + + + + + + Rolling + 86400 + + + PolicyProfile + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Vanity_Userflow/B2C_1_ProfileEditing.xml b/Vanity_Userflow/B2C_1_ProfileEditing.xml new file mode 100644 index 0000000..4c511b6 --- /dev/null +++ b/Vanity_Userflow/B2C_1_ProfileEditing.xml 
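Review bot: `Vanity_Userflow/B2C_1_PasswordReset.xml` is added with blob `d029abb`, the same blob that patch 01 added as `LocalAccounts/DP/PasswordReset.xml`, so this is a second copy of the same policy. Patch 02 has already changed the DP copy (`index d029abb..47fd875`), so the two files now differ and nothing on the page says which one reflects the deployed user flow. For an authentication policy that ambiguity matters at review time; keep a single copy, or open each file with a comment such as `<!-- exported snapshot of user flow B2C_1_PasswordReset; not edited by hand -->` so readers know which is authoritative. The other two files in this patch look like the same kind of copy, although their blob ids differ from the DP versions.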
@@ -0,0 +1,220 @@ + + + vanityb2cpoc.onmicrosoft.com + base-v1 + + + + + string + + + + string + + + + + + ~/tenant/templates/AzureBlue/exception.cshtml + urn:com:microsoft:aad:b2c:elements:contract:globalexception:1.2.6 + + azureBlue + + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:unifiedssp:2.1.17 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.6 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/multifactor-1.0.0.cshtml + urn:com:microsoft:aad:b2c:elements:contract:multifactor:1.2.15 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + + + + Azure Active Directory + + + + + + + + + + + + + + + + + + + + + Evaluate Block User For GDPR + + + + + + + + + + + + + + + PhoneFactor + + + Always + + + OnClaimsExistence + + + + + Self Asserted + + + + + + + + + 
+ + + + + + + + + + + + + + + + Token Issuer + + + + 3600 + 3600 + 1209600 + 7776000 + AuthorityAndTenantGuid + None + + + + + + + + + + + + + + + + + + + + + + Rolling + 86400 + + + PolicyProfile + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/Vanity_Userflow/B2C_1_SigninSignout.xml b/Vanity_Userflow/B2C_1_SigninSignout.xml new file mode 100644 index 0000000..b22031f --- /dev/null +++ b/Vanity_Userflow/B2C_1_SigninSignout.xml 
@@ -0,0 +1,263 @@ + + + vanityb2cpoc.onmicrosoft.com + base-v1 + + + + + string + + + + string + + + + + + ~/tenant/templates/AzureBlue/exception.cshtml + urn:com:microsoft:aad:b2c:elements:contract:globalexception:1.2.6 + + azureBlue + + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:unifiedssp:2.1.17 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.6 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + ~/tenant/templates/AzureBlue/multifactor-1.0.0.cshtml + 
urn:com:microsoft:aad:b2c:elements:contract:multifactor:1.2.15 + + azureBlue + + + + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.29 + + + + + + AAD SSPR + + + Always + + + Always + + + + + Azure Active Directory + + + + + + + + + + + + + + + + + + + + + Evaluate Block User For GDPR + + + + + + + + + + + + + + + + One time password technical profiles + + + Never + + + Never + + + + + PhoneFactor + + + Always + + + OnClaimsExistence + + + + + Self Asserted + + + + + + + + + + + + + + + + + + + + + + + + + + + + Token Issuer + + + + 3600 + 3600 + 1209600 + 7776000 + AuthorityAndTenantGuid + None + + + + + + + + + + + + + + + + + + + + + + Rolling + 86400 + + + PolicyProfile + + + + + + + + + + + + + + + + \ No newline at end of file From 4c6c1ab34ca7ffdf2bd141b7641c374e442cd1c2 Mon Sep 17 00:00:00 2001 From: Dawid Pastuszka Date: Mon, 11 Dec 2023 11:34:32 +0100 Subject: [PATCH 08/12] add vanity custom policy last changes --- VANITY_CUSTOM_B2C/PasswordReset.xml | 19 + VANITY_CUSTOM_B2C/ProfileEdit.xml | 18 + VANITY_CUSTOM_B2C/SignUpOrSignin.xml | 26 + VANITY_CUSTOM_B2C/TrustFrameworkBase.xml | 909 ++++++++++++++++++ .../TrustFrameworkExtensions.xml | 105 ++ .../TrustFrameworkLocalization.xml | 223 +++++ 6 files changed, 1300 insertions(+) create mode 100644 VANITY_CUSTOM_B2C/PasswordReset.xml create mode 100644 VANITY_CUSTOM_B2C/ProfileEdit.xml create mode 100644 VANITY_CUSTOM_B2C/SignUpOrSignin.xml create mode 100644 VANITY_CUSTOM_B2C/TrustFrameworkBase.xml create mode 100644 VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml create mode 100644 VANITY_CUSTOM_B2C/TrustFrameworkLocalization.xml diff --git a/VANITY_CUSTOM_B2C/PasswordReset.xml b/VANITY_CUSTOM_B2C/PasswordReset.xml new file mode 100644 index 0000000..2c71485 --- /dev/null +++ b/VANITY_CUSTOM_B2C/PasswordReset.xml @@ -0,0 +1,19 @@ + + + vanityb2cpoc.onmicrosoft.com + B2C_1A_TrustFrameworkExtensions + + + + + PolicyProfile + + + + + + + + + + \ No newline at end of file 
diff --git a/VANITY_CUSTOM_B2C/ProfileEdit.xml b/VANITY_CUSTOM_B2C/ProfileEdit.xml new file mode 100644 index 0000000..74ae1c3 --- /dev/null +++ b/VANITY_CUSTOM_B2C/ProfileEdit.xml @@ -0,0 +1,18 @@ + + + vanityb2cpoc.onmicrosoft.com + B2C_1A_TrustFrameworkExtensions + + + + + PolicyProfile + + + + + + + + + \ No newline at end of file diff --git a/VANITY_CUSTOM_B2C/SignUpOrSignin.xml b/VANITY_CUSTOM_B2C/SignUpOrSignin.xml new file mode 100644 index 0000000..2199ef7 --- /dev/null +++ b/VANITY_CUSTOM_B2C/SignUpOrSignin.xml @@ -0,0 +1,26 @@ + + + vanityb2cpoc.onmicrosoft.com + B2C_1A_TrustFrameworkExtensions + + + + + + + + + PolicyProfile + + + + + + + + + + + + + \ No newline at end of file diff --git a/VANITY_CUSTOM_B2C/TrustFrameworkBase.xml b/VANITY_CUSTOM_B2C/TrustFrameworkBase.xml new file mode 100644 index 0000000..bc6af35 --- /dev/null +++ b/VANITY_CUSTOM_B2C/TrustFrameworkBase.xml 
@@ -0,0 +1,909 @@ + + + + + + + + Username + string + + TextBox + + + + + + OID + string + + + + AlternativeSecurityId + string + + + + User's Object's Tenant ID + string + + + + + + Tenant identifier (ID) of the user object in Azure AD. + + + User's Object ID + string + + + + + + Object identifier (ID) of the user object in Azure AD. + + + + Sign in name + string + + TextBox + + + Email Address + string + Email address to use for signing in. + TextBox + + + Account Enabled + boolean + Specifies whether the user's account is enabled. + Specifies whether your account is enabled. + + + Password + string + Enter password + Password + + + + New Password + string + Enter new password + Password + + + + + + + Confirm New Password + string + Confirm new password + Password + + + + + + Password Policies + string + Password policies used by Azure AD to determine password strength, expiry etc. + + + client_id + string + Special parameter passed to EvoSTS. + Special parameter passed to EvoSTS. + + + resource_id + string + Special parameter passed to EvoSTS. + Special parameter passed to EvoSTS. + + + Subject + string + + + + + + + Identity Provider + string + + + + + + + + + Display Name + string + + + + + + Your display name. + TextBox + + + Email Address + string + + + + Email address that can be used to contact you. + TextBox + + + + + + Alternate Email Addresses + stringCollection + Email addresses that can be used to contact the user. + + + UserPrincipalName + string + + + + + + Your user name as stored in the Azure Active Directory. + + + UPN User Name + string + The user name for creating user principal name. + + + User is new + boolean + + + + Executed-SelfAsserted-Input + string + A claim that specifies whether attributes were collected from the user. + + + AuthenticationSource + string + Specifies whether the user was authenticated at Social IDP or local account. 
+ + + + refreshTokenIssuedOnDateTime + string + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + + + refreshTokensValidFromDateTime + string + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + + + + nca + string + Special parameter passed for local account authentication to login.microsoftonline.com. + + + grant_type + string + Special parameter passed for local account authentication to login.microsoftonline.com. + + + scope + string + Special parameter passed for local account authentication to login.microsoftonline.com. + + + objectIdFromSession + boolean + Parameter provided by the default session management provider to indicate that the object id has been retrieved from an SSO session. + + + isActiveMFASession + boolean + Parameter provided by the MFA session management to indicate that the user has an active MFA session. + + + + Given Name + string + + + + + + Your given name (also known as first name). + TextBox + + + Surname + string + + + + + + Your surname (also known as family name or last name). 
+ TextBox + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + LineMarkers, MetaRefresh + + + + + + ~/tenant/templates/AzureBlue/exception.cshtml + ~/common/default_page_error.html + urn:com:microsoft:aad:b2c:elements:contract:globalexception:1.2.1 + + Error page + + + + ~/tenant/templates/AzureBlue/idpSelector.cshtml + ~/common/default_page_error.html + urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.1 + + Idp selection page + Sign in + + + + ~/tenant/templates/AzureBlue/idpSelector.cshtml + ~/common/default_page_error.html + urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.1 + + Idp selection page + Sign up + + + + ~/tenant/templates/AzureBlue/unified.cshtml + ~/common/default_page_error.html + urn:com:microsoft:aad:b2c:elements:contract:unifiedssp:2.1.5 + + Signin and Signup + + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/common/default_page_error.html + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 + + Collect information from user page + + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/common/default_page_error.html + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 + + Collect information from user page + + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/common/default_page_error.html + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 + + Local account sign up page + + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/common/default_page_error.html + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 + + Local account change password page + + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/common/default_page_error.html + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 + + Collect information from user page + + + + + + + + Local Account SignIn + + + Local Account SignIn + + + https://sts.windows.net/ + 
https://login.microsoftonline.com/{tenant}/.well-known/openid-configuration + https://login.microsoftonline.com/{tenant}/oauth2/token + id_token + query + email openid + + + false + POST + + + + + + + + + + + + + + + + + + + + + + Azure Active Directory + + + Azure Active Directory + + + + + + false + + + + + + Write + true + + false + + + + + + + + + + + + + + + + + + + + + + + + + + Read + true + + false + + + + + + + + + + + + + + + + + + + + + + Write + true + + false + + + + + + + + + + + + + Write + false + true + + false + + + + + + + + + + + + + + + + Read + true + + false + + + + + + + + + + + + + + + + + Self Asserted + + + User ID signup + + + api.selfasserted.profileupdate + + false + + + + + + + + + + + + + + + + + + + + + Local Account + + + Email signup + + + IpAddress + api.localaccountsignup + + + + + + + + + + + + + + + + + + + + + + + + + + + + Local Account Signin + + + SignUpWithLogonEmailExchange + Email + api.localaccountsignin + true + + false + + + + + + + + + + + + + + + + + Reset password using email address + + + IpAddress + api.localaccountpasswordreset + + + + + false + + + + + + + + + + + + Change password (username) + + + api.localaccountpasswordreset + + + + + + + + + + + + + + + + + + + Session Management + + + Noop Session Management Provider + + + + Session Mananagement Provider + + + + + + + + + + + + + + + + Session Management Provider + + + + + + Trustframework Policy Engine TechnicalProfiles + + + Trustframework Policy Engine Default Technical Profile + + + {service:te} + + + + + + Token Issuer + + + JWT Issuer + + JWT + + {service:te} + objectId + true + + + + + + + + + + + + Refresh token journey + + + Trustframework Policy Engine Refresh Token Setup Technical Profile + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + objectId + SkipThisOrchestrationStep + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + false + + + + + + + + + + + + + 
+ + + + \ No newline at end of file diff --git a/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml b/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml new file mode 100644 index 0000000..22d3222 --- /dev/null +++ b/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml @@ -0,0 +1,105 @@ + + + vanityb2cpoc.onmicrosoft.com + B2C_1A_TrustFrameworkLocalization + + + + + Local Account SignIn + + + + defd54c7-95ad-4025-9087-4097f20b4d1c + 8ebfd362-b1d1-4f3f-929b-9a892e4a1a08 + + + + + + + + Session Management Provider + + + + + + + + + google.com + Google + + + Google + + + google + https://accounts.google.com/o/oauth2/auth + https://accounts.google.com/o/oauth2/token + https://www.googleapis.com/oauth2/v1/userinfo + email profile + POST + false + 839892695110-9o8csfdf2u2s97fukvodei2chlj3okcg.apps.googleusercontent.com + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + objectId + SkipThisOrchestrationStep + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/VANITY_CUSTOM_B2C/TrustFrameworkLocalization.xml b/VANITY_CUSTOM_B2C/TrustFrameworkLocalization.xml new file mode 100644 index 0000000..50e4c84 --- /dev/null +++ b/VANITY_CUSTOM_B2C/TrustFrameworkLocalization.xml 
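Review bot: TrustFrameworkExtensions.xml commits environment-specific identifiers as literals: the two GUIDs under "Local Account SignIn" (`defd54c7-…` and `8ebfd362-…`) and the Google `client_id` ending in `.apps.googleusercontent.com`. These are identifiers rather than secrets, but they bind the policy to one tenant and one Google project, and the page does not show how the matching Google client secret is supplied, because the element markup is stripped here. Please confirm the secret is referenced through a B2C policy key container and never placed inline in this file. A short comment above each value would help the next reader, for example `<!-- app registration IDs for tenant vanityb2cpoc; replace per environment -->` and `<!-- Google OAuth client for the PoC project; secret lives in a policy key -->`.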
@@ -0,0 +1,223 @@ + + + vanityb2cpoc.onmicrosoft.com + B2C_1A_TrustFrameworkBase + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + en + + + + Email Address + Sign in + Sign in with your {0} + Password + Please enter your password + Please enter your {0} + Please enter a valid {0} + Sign up now + Sign up with {0} or {1} + Sign up with {0}, {1}, or {2} + Forgot your password? + Sign in + Don't have an account? + We are having trouble signing you in. Please try again later. + + Facebook + Your password is incorrect. + Your password is incorrect. + Your password has expired. + We can't seem to find your account. + Looks like you used an old password. + Invalid username or password. + Your account has been locked. Contact your support person to unlock it, then try again. + Your account is temporarily locked to prevent unauthorized use. Try again later. + There are too many requests at this moment. Please wait for some time and try again. + + + + + + Email Address + Email address that can be used to contact you. + Please enter a valid email address. + New Password + Enter new password + 8-16 characters, containing 3 out of 4 of the following: Lowercase characters, uppercase characters, digits (0-9), and one or more of the following symbols: @ # $ % ^ & * - _ + = [ ] { } | \ : ' , ? / ` ~ " ( ) ; . + Confirm New Password + Confirm new password + 8-16 characters, containing 3 out of 4 of the following: Lowercase characters, uppercase characters, digits (0-9), and one or more of the following symbols: @ # $ % ^ & * - _ + = [ ] { } | \ : ' , ? / ` ~ " ( ) ; . + Display Name + Your display name. + Surname + Your surname (also known as family name or last name). + Given Name + Your given name (also known as first name). + Create + One or more fields are filled out incorrectly. Please check your entries and try again. + The password entry fields do not match. Please enter the same password in both fields and try again. 
+ A required field is missing. Please fill out all required fields and try again. + What is this? + Please provide the following details. + Please wait + This information is required. + Cancel + Change e-mail + Send new code + Send verification code + Verify code + That code is expired. Please request a new code. + You've made too many incorrect attempts. Please try again later. + That code is incorrect. Please try again. + We are having trouble verifying your email address. Please enter a valid email address and try again. + There have been too many requests to verify this email address. Please wait a while, then try again. + Verification code has been sent to your inbox. Please copy it to the input box below. + Verification code + Verification is necessary. Please click Send button. + E-mail address verified. You can now continue. + There are too many requests at this moment. Please wait for some time and try again. + Claim not verified: {0} + A user with the specified ID already exists. Please choose a different one. + Incorrect pattern for: {0} + {0} has invalid input. + Missing required element: {0} + Error in validation by: {0} + + + + + + You are already registered, please press the back button and sign in instead. + + + + + + Email Address + Email address that can be used to contact you. + Please enter a valid email address. + New Password + Enter new password + 8-16 characters, containing 3 out of 4 of the following: Lowercase characters, uppercase characters, digits (0-9), and one or more of the following symbols: @ # $ % ^ & * - _ + = [ ] { } | \ : ' , ? / ` ~ " ( ) ; . + Confirm New Password + Confirm new password + 8-16 characters, containing 3 out of 4 of the following: Lowercase characters, uppercase characters, digits (0-9), and one or more of the following symbols: @ # $ % ^ & * - _ + = [ ] { } | \ : ' , ? / ` ~ " ( ) ; . + The password entry fields do not match. Please enter the same password in both fields and try again. 
+ One or more fields are filled out incorrectly. Please check your entries and try again. + Continue + Cancel + An account could not be found for the provided user ID. + Your account has been locked. Contact your support person to unlock it, then try again. + This information is required. + Change e-mail + Send new code + Send verification code + Verify code + That code is expired. Please request a new code. + You've made too many incorrect attempts. Please try again later. + That code is incorrect. Please try again. + We are having trouble verifying your email address. Please enter a valid email address and try again. + There have been too many requests to verify this email address. Please wait a while, then try again. + Verification code has been sent to your inbox. Please copy it to the input box below. + Verification code + Verification is necessary. Please click Send button. + E-mail address verified. You can now continue. + There are too many requests at this moment. Please wait for some time and try again. + Claim not verified: {0} + A user with the specified ID already exists. Please choose a different one. + Incorrect pattern for: {0} + {0} has invalid input. + Missing required element: {0} + Error in validation by: {0} + + + + + + Sign in + Local Account Signin + Facebook + + + + + + Email Address + Password + Continue + Cancel + Your password is incorrect. + Your password is incorrect. + Your password has expired. + We can't seem to find your account. + Looks like you used an old password. + Invalid username or password. + Your account has been locked. Contact your support person to unlock it, then try again. + Your account is temporarily locked to prevent unauthorized use. Try again later. + There are too many requests at this moment. Please wait for some time and try again. + + + + + + Display Name + Your display name. + Surname + Your surname (also known as family name or last name). + Given Name + Your given name (also known as first name). 
+ Continue + Cancel + + + + + + \ No newline at end of file From 592ea7e7bc0e8a580e27378999cd4d4292739b82 Mon Sep 17 00:00:00 2001 From: Dawid Pastuszka Date: Mon, 11 Dec 2023 11:53:41 +0100 Subject: [PATCH 09/12] custom policy: add facebok login --- VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml b/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml index 22d3222..69d7c5c 100644 --- a/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml +++ b/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml @@ -64,6 +64,12 @@ + + + + 423796936410315 + + @@ -74,6 +80,7 @@ + @@ -88,7 +95,8 @@ - + ] + From 4430ac9f19360749b7432f32fc13fd692aea93ca Mon Sep 17 00:00:00 2001 From: Dawid Pastuszka Date: Mon, 11 Dec 2023 11:56:37 +0100 Subject: [PATCH 10/12] fb login fix --- VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml b/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml index 69d7c5c..e9c2ee8 100644 --- a/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml +++ b/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml @@ -95,7 +95,7 @@ - ] + From 4982b46006b482dc3e34c256ae5dff1c7afc477c Mon Sep 17 00:00:00 2001 From: Dawid Pastuszka Date: Mon, 11 Dec 2023 14:46:55 +0100 Subject: [PATCH 11/12] B2c custom policy: add social link policy --- .../TrustFrameworkBase.xml | 11 +- VANITY_CUSTOM_B2C/AccountLinkAndUnlink.xml | 38 + VANITY_CUSTOM_B2C/TrustFrameworkBase.xml | 617 ++++++++++-- .../TrustFrameworkExtensions.xml | 928 +++++++++++++++++- 4 files changed, 1500 insertions(+), 94 deletions(-) create mode 100644 VANITY_CUSTOM_B2C/AccountLinkAndUnlink.xml diff --git a/Display Controls Starterpack/SocialAndLocalAccounts/TrustFrameworkBase.xml b/Display Controls Starterpack/SocialAndLocalAccounts/TrustFrameworkBase.xml index 6b9334c..4626e44 100644 
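Review bot: In TrustFrameworkLocalization.xml the sign-in strings distinguish "We can't seem to find your account." from "Your password is incorrect.", and the password-reset block adds "An account could not be found for the provided user ID.", so the pages tell an unauthenticated caller whether an address is registered. The element ids are stripped in this rendering, but these look like the overrides for `UserMessageIfClaimsPrincipalDoesNotExist` and `UserMessageIfInvalidPassword`; I would give both the text that is already in the file, `Invalid username or password.`, and use an equally neutral message on the reset page. The sign-up string "You are already registered, please press the back button and sign in instead." discloses the same fact and deserves a deliberate decision rather than the default wording.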
--- a/Display Controls Starterpack/SocialAndLocalAccounts/TrustFrameworkBase.xml +++ b/Display Controls Starterpack/SocialAndLocalAccounts/TrustFrameworkBase.xml @@ -1,12 +1,5 @@ - - + + diff --git a/VANITY_CUSTOM_B2C/AccountLinkAndUnlink.xml b/VANITY_CUSTOM_B2C/AccountLinkAndUnlink.xml new file mode 100644 index 0000000..8643e08 --- /dev/null +++ b/VANITY_CUSTOM_B2C/AccountLinkAndUnlink.xml @@ -0,0 +1,38 @@ + + + + vanityb2cpoc.onmicrosoft.com + B2C_1A_TrustFrameworkExtensions + + + + + + + + + + + PolicyProfile + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/VANITY_CUSTOM_B2C/TrustFrameworkBase.xml b/VANITY_CUSTOM_B2C/TrustFrameworkBase.xml index bc6af35..af0d050 100644 --- a/VANITY_CUSTOM_B2C/TrustFrameworkBase.xml +++ b/VANITY_CUSTOM_B2C/TrustFrameworkBase.xml @@ -1,4 +1,6 @@ + + + + - + + + Username string - + TextBox - - OID - string - - - - AlternativeSecurityId - string - - + User's Object's Tenant ID string @@ -43,6 +40,7 @@ Tenant identifier (ID) of the user object in Azure AD. + User's Object ID string @@ -53,31 +51,36 @@ Object identifier (ID) of the user object in Azure AD. + Sign in name string - + TextBox + Email Address string Email address to use for signing in. TextBox + Account Enabled boolean Specifies whether the user's account is enabled. Specifies whether your account is enabled. + Password string Enter password Password + @@ -104,6 +107,7 @@ ) {8,16}$ # the length must be between 8 and 16 chars inclusive --> + Confirm New Password string 
@@ -113,31 +117,48 @@ + Password Policies string Password policies used by Azure AD to determine password strength, expiry etc. + client_id string Special parameter passed to EvoSTS. Special parameter passed to EvoSTS. + resource_id string Special parameter passed to EvoSTS. Special parameter passed to EvoSTS. + Subject string - + + + + + AlternativeSecurityId + string + + + + + MailNickName + string + Your mail nick name as stored in the Azure Active Directory. + Identity Provider string @@ -146,8 +167,9 @@ - + + Display Name string @@ -159,6 +181,7 @@ Your display name. TextBox + Email Address string @@ -171,11 +194,13 @@ + Alternate Email Addresses stringCollection Email addresses that can be used to contact the user. + UserPrincipalName string 
@@ -186,66 +211,80 @@ Your user name as stored in the Azure Active Directory. + UPN User Name string The user name for creating user principal name. + User is new boolean - + + Executed-SelfAsserted-Input string A claim that specifies whether attributes were collected from the user. + AuthenticationSource string Specifies whether the user was authenticated at Social IDP or local account. - - - refreshTokenIssuedOnDateTime - string - Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. - Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. - - - refreshTokensValidFromDateTime - string - Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. - Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. - + + + + refreshTokenIssuedOnDateTime + string + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + + + + refreshTokensValidFromDateTime + string + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + + + nca string Special parameter passed for local account authentication to login.microsoftonline.com. + grant_type string Special parameter passed for local account authentication to login.microsoftonline.com. + scope string Special parameter passed for local account authentication to login.microsoftonline.com. + objectIdFromSession boolean Parameter provided by the default session management provider to indicate that the object id has been retrieved from an SSO session. 
+ isActiveMFASession boolean Parameter provided by the MFA session management to indicate that the user has an active MFA session. + + Given Name string @@ -257,6 +296,7 @@ Your given name (also known as first name). TextBox + Surname string @@ -268,7 +308,16 @@ Your surname (also known as family name or last name). TextBox + + + Verification Code + string + Enter your verification code + TextBox + + + @@ -279,26 +328,7 @@ - - - - - - - - - - - - - - - - - - - - + @@ -307,6 +337,7 @@ + @@ -318,6 +349,7 @@ + @@ -327,6 +359,7 @@ + @@ -335,13 +368,39 @@ + + + + + + + + + + + + + + + + + + + + + + + + LineMarkers, MetaRefresh + + ~/tenant/templates/AzureBlue/exception.cshtml @@ -351,6 +410,7 @@ Error page + ~/tenant/templates/AzureBlue/idpSelector.cshtml ~/common/default_page_error.html @@ -360,6 +420,7 @@ Sign in + ~/tenant/templates/AzureBlue/idpSelector.cshtml ~/common/default_page_error.html @@ -369,6 +430,7 @@ Sign up + ~/tenant/templates/AzureBlue/unified.cshtml ~/common/default_page_error.html @@ -377,6 +439,7 @@ Signin and Signup + ~/tenant/templates/AzureBlue/selfAsserted.cshtml ~/common/default_page_error.html @@ -385,6 +448,7 @@ Collect information from user page + ~/tenant/templates/AzureBlue/selfAsserted.cshtml ~/common/default_page_error.html @@ -393,6 +457,7 @@ Collect information from user page + ~/tenant/templates/AzureBlue/selfAsserted.cshtml ~/common/default_page_error.html @@ -401,6 +466,7 @@ Local account sign up page + ~/tenant/templates/AzureBlue/selfAsserted.cshtml ~/common/default_page_error.html @@ -409,6 +475,16 @@ Local account change password page + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/common/default_page_error.html + urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 + + Collect information from user page + + + ~/tenant/templates/AzureBlue/selfAsserted.cshtml ~/common/default_page_error.html 
@@ -418,12 +494,80 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + facebook.com + Facebook + + + + Facebook + + + facebook + https://www.facebook.com/dialog/oauth + https://graph.facebook.com/oauth/access_token + GET + 0 + + + json + + + + + + + + + + + + + + + + + + + + + + + + Local Account SignIn @@ -437,7 +581,7 @@ id_token query email openid - + false POST @@ -461,20 +605,93 @@ + Azure Active Directory + Azure Active Directory + + false + + + + + + Write + true + + false + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Read + true + + + + + + + + + + + + + + + + + + + + + + false + + + + + Write @@ -490,6 +707,7 @@ + @@ -504,6 +722,7 @@ + Read @@ -517,6 +736,7 @@ + @@ -529,6 +749,7 @@ + Write @@ -541,10 +762,13 @@ + + + Write @@ -558,12 +782,14 @@ + + @@ -575,6 +801,7 @@ + @@ -584,11 +811,62 @@ + + Self Asserted + + + User ID signup + + + api.socialccountsignup + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + User ID signup @@ -597,15 +875,26 @@ false + + + + + + + + + + @@ -617,9 +906,11 @@ + Local Account + Email signup @@ -633,14 +924,25 @@ + + + + + + + + + + - + + @@ -651,6 +953,7 @@ + Local Account Signin @@ -665,6 +968,10 @@ + + + + @@ -676,6 +983,7 @@ + @@ -689,16 +997,21 @@ false + + + - + + + Change password (username) @@ -710,7 +1023,12 @@ + + + + + @@ -719,8 +1037,10 @@ + + Session Management @@ -728,6 +1048,7 @@ Noop Session Management Provider + Session Mananagement Provider @@ -743,6 +1064,23 @@ + + + + + + + + Session Mananagement Provider + + + true + + + + + + Session Management Provider @@ -750,6 +1088,7 @@ + Trustframework Policy Engine TechnicalProfiles @@ -762,6 +1101,7 @@ + Token Issuer 
@@ -782,49 +1122,85 @@ - - - Refresh token journey - - - Trustframework Policy Engine Refresh Token Setup Technical Profile - - - - - + + Refresh token journey + + + Trustframework Policy Engine Refresh Token Setup Technical Profile + + + + + - - + + + + + + + + + + + + + + + + + + + AAD SSPR + + + Send Code + + + SendCode + + + + - - - - - - - - - + + Verify Code + + + VerifyCode + + + + + + + + + + + @@ -833,45 +1209,126 @@ + - + + + + + authenticationSource + localAccountAuthentication + SkipThisOrchestrationStep + + + + + + + + + + + + objectId + SkipThisOrchestrationStep + + + + + + + + + + + + authenticationSource + socialIdpAuthentication + SkipThisOrchestrationStep + + - + + + + + objectId + SkipThisOrchestrationStep + + + + + + + + + + + + + + + + authenticationSource + localAccountAuthentication + SkipThisOrchestrationStep + + - + + + + authenticationSource + socialIdpAuthentication + SkipThisOrchestrationStep + + + + + + + + - + + + @@ -888,6 +1345,7 @@ + false @@ -896,7 +1354,9 @@ + + @@ -905,5 +1365,6 @@ + \ No newline at end of file diff --git a/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml b/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml index e9c2ee8..c883703 100644 --- a/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml +++ b/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml 
@@ -3,7 +3,198 @@ vanityb2cpoc.onmicrosoft.com B2C_1A_TrustFrameworkLocalization - + + + + + + + userIdentities + userIdentityCollection + userIdentities + + + userIdentitiesToUnlink + userIdentityCollection + userIdentities + + + userIdentity + userIdentity + userIdentity + + + + objectIdToLink + string + Second account user objectId + + + + + + string + Add help text here + Paragraph + + + + issuerToUnlink + string + issuerToUnlink + + + + issuerToLink + string + issuerToLink + + + + issuerUserId + string + issuerUserId + + + + issuerUserIdToLink + string + issuerUserIdToLink + + + + userIdentityToLink + userIdentity + userIdentityToLink + + + + issuers + stringCollection + User identity providers. This information is received from alternativeSecurityIds + + + issuersToUnlink + stringCollection + User identity providers. This information is received from alternativeSecurityIds + + + linkOrUnlink + string + Define whether the user is link or unlink an account + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Local Account SignIn @@ -27,6 +218,8 @@ + + google.com Google 
@@ -64,15 +257,578 @@ - - - - 423796936410315 - - + + + + Azure Active Directory + + + + 1.6 + Read + false + + + + + + + + + + + + + 1.6 + Read + true + User does not exist. Please sign up before you can sign in. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + false + + + + + + + 1.6 + Write + true + You are already registered, please press the back button and sign in instead. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 1.6 + Write + false + true + + + + + + + + + + + + + + + + + + + + + + + 1.6 + + + + + + + + + + + + + + + + + Self Asserted + + + + Unsolicited error message + + + api.selfasserted + + false + + + + + + + + + + + + + + User ID signup + + + api.selfasserted + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Social Accounts + + + Unlink Microsoft + + + issuersToUnlink + + + + + + + + + OnItemExistenceInStringCollectionClaim + + + + + + Facebook + + + Facebook + + + facebook + https://www.facebook.com/dialog/oauth + https://graph.facebook.com/oauth/access_token + GET + 0 + json + + + 423796936410315 + email public_profile + https://graph.facebook.com/me?fields=id,first_name,last_name,name,email + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Link Facebook + + issuers + facebook.com + + + + + + + + + + + + + + OnItemAbsenceInStringCollectionClaim + + + + Unlink Facebook + + facebook.com + + + + + + + + + + + + google.com + Google + + + Google + + + google + https://accounts.google.com/o/oauth2/auth + https://accounts.google.com/o/oauth2/token + https://www.googleapis.com/oauth2/v1/userinfo + email profile + POST + 0 + + + App Id + + + + + + + + + + google + https://accounts.google.com/o/oauth2/auth + https://accounts.google.com/o/oauth2/token + https://www.googleapis.com/oauth2/v1/userinfo + email profile + POST + false + 839892695110-9o8csfdf2u2s97fukvodei2chlj3okcg.apps.googleusercontent.com + + + + + + + + + + + + + + + + + + + + + + + + + Link Google + + + google + 
https://accounts.google.com/o/oauth2/auth + https://accounts.google.com/o/oauth2/token + https://www.googleapis.com/oauth2/v1/userinfo + email profile + POST + false + 839892695110-9o8csfdf2u2s97fukvodei2chlj3okcg.apps.googleusercontent.com + + + + + + + + + + + + + + + + + + + + + + + + Unlink Google + + google.com + + + + + + + + + + + + live.com + Microsoft Account + + + Microsoft Account + + + https://login.live.com + https://login.live.com/.well-known/openid-configuration + code + form_post + openid profile email + POST + 0 + + + App Id + + + + + + + + + + + + + + + + + + + + + + + + + + Link Microsoft + + issuers + live.com + + + + + + + + + + + + + OnItemAbsenceInStringCollectionClaim + + + + Unlink Microsoft + + live.com + + + + + + + + + + + twitter.com + Twitter + + + Twitter + + + Twitter + https://api.twitter.com/oauth/authenticate + https://api.twitter.com/oauth/access_token + https://api.twitter.com/oauth/request_token + https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true + json + + + App Id + + + + + + + + + + + + + + + + + + + + + + + + + + Link Twitter + + issuers + twitter.com + + + + + + + + + + + + + OnItemAbsenceInStringCollectionClaim + + + + Unlink Twitter + + twitter.com + + + + + + + + + + + + + 
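Review bot: The Microsoft Account (`live.com`) and Twitter (`twitter.com`) providers added in this hunk still carry the sample placeholder `App Id` where the client id belongs; the Google provider has it too, next to a second metadata block with the real id (PATCH 12 later resolves the Google one). If any of these profiles is reachable from a journey's provider selection, which the stripped markup does not let me confirm, users are redirected to the identity provider with an invalid client id and the sign-in or link step fails. I would either register the applications and fill in the ids, or leave the Microsoft and Twitter providers and their Link/Unlink profiles out until they are configured. Separately, the shared profile under "Social Accounts" has the display name `Unlink Microsoft`, which reads like a copy-paste leftover.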
@@ -109,5 +865,163 @@ + + + + + + + + + + + + + + + + + + + objectId + SkipThisOrchestrationStep + + + + + + + + + + + + + + authenticationSource + localAccountAuthentication + SkipThisOrchestrationStep + + + + + + + + + + + + objectId + SkipThisOrchestrationStep + + + + + + + + + + + + authenticationSource + socialIdpAuthentication + SkipThisOrchestrationStep + + + + + + + + + + + + objectId + SkipThisOrchestrationStep + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + linkOrUnlink + unlink + SkipThisOrchestrationStep + + + + + + + + + + + + linkOrUnlink + unlink + SkipThisOrchestrationStep + + + objectIdToLink + SkipThisOrchestrationStep + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file From 235d86d7e3fbce70c6e4be7228a8d01edae328c1 Mon Sep 17 00:00:00 2001 From: Dawid Pastuszka Date: Tue, 12 Dec 2023 19:44:31 +0100 Subject: [PATCH 12/12] B2d : add custom claims --- VANITY_CUSTOM_B2C/ProfileEdit.xml | 4 + VANITY_CUSTOM_B2C/SignUpOrSignin.xml | 4 +- VANITY_CUSTOM_B2C/TrustFrameworkBase.xml | 371 ++++++++---------- .../TrustFrameworkExtensions.xml | 191 +++++++-- 4 files changed, 324 insertions(+), 246 deletions(-) diff --git a/VANITY_CUSTOM_B2C/ProfileEdit.xml b/VANITY_CUSTOM_B2C/ProfileEdit.xml index 74ae1c3..c1ee262 100644 --- a/VANITY_CUSTOM_B2C/ProfileEdit.xml +++ b/VANITY_CUSTOM_B2C/ProfileEdit.xml @@ -9,6 +9,10 @@ PolicyProfile + + + + diff --git a/VANITY_CUSTOM_B2C/SignUpOrSignin.xml b/VANITY_CUSTOM_B2C/SignUpOrSignin.xml index 2199ef7..f259a81 100644 --- a/VANITY_CUSTOM_B2C/SignUpOrSignin.xml +++ b/VANITY_CUSTOM_B2C/SignUpOrSignin.xml @@ -4,7 +4,7 @@ B2C_1A_TrustFrameworkExtensions - + @@ -16,6 +16,8 @@ + + diff --git a/VANITY_CUSTOM_B2C/TrustFrameworkBase.xml b/VANITY_CUSTOM_B2C/TrustFrameworkBase.xml index af0d050..2c711ee 100644 --- a/VANITY_CUSTOM_B2C/TrustFrameworkBase.xml +++ b/VANITY_CUSTOM_B2C/TrustFrameworkBase.xml 
@@ -1,7 +1,6 @@ - - + - - + + Date of Birth + date + The user's date of birth. + Your date of birth. + DateTimeDropdown + + + + + + Mobile Phone + string + TextBox + + + + Username string - + TextBox - User's Object's Tenant ID string @@ -40,7 +54,6 @@ Tenant identifier (ID) of the user object in Azure AD. - User's Object ID string @@ -51,36 +64,31 @@ Object identifier (ID) of the user object in Azure AD. - Sign in name string - + TextBox - Email Address string Email address to use for signing in. TextBox - Account Enabled boolean Specifies whether the user's account is enabled. Specifies whether your account is enabled. - Password string Enter password Password - @@ -107,7 +115,6 @@ ) {8,16}$ # the length must be between 8 and 16 chars inclusive --> - Confirm New Password string @@ -117,48 +124,41 @@ - Password Policies string Password policies used by Azure AD to determine password strength, expiry etc. - client_id string Special parameter passed to EvoSTS. Special parameter passed to EvoSTS. - resource_id string Special parameter passed to EvoSTS. Special parameter passed to EvoSTS. - Subject string - + - AlternativeSecurityId string - + - MailNickName string Your mail nick name as stored in the Azure Active Directory. - Identity Provider string @@ -167,9 +167,8 @@ - + - Display Name string @@ -181,7 +180,6 @@ Your display name. TextBox - Email Address string @@ -194,13 +192,11 @@ - Alternate Email Addresses stringCollection Email addresses that can be used to contact the user. - UserPrincipalName string 
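Review bot: The `Date of Birth` and `Mobile Phone` claim definitions added at the top of TrustFrameworkBase.xml are added again, with the same text, to TrustFrameworkExtensions.xml in hunk `@@ -7,6 +7,24 @@` of this patch; the `1960-01-01`/`Today` date range (`@@ -308,16 +289,36 @@` here, `@@ -83,7 +101,30 @@` there) and the Google provider with its client id (`@@ -568,6 +548,46 @@` here) are duplicated the same way. Two copies of one definition drift apart, and it becomes unclear which one the merged policy actually uses, so I would keep these additions in the extensions file only and leave the base file tenant-agnostic. Both claims are personal data, so it is also worth a comment next to the definition, e.g. `<!-- PII: emit only from relying-party policies that need it -->`, and a check that ProfileEdit.xml and SignUpOrSignin.xml do not put them into every token by default.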
@@ -211,80 +207,66 @@ Your user name as stored in the Azure Active Directory. - UPN User Name string The user name for creating user principal name. - User is new boolean - + - Executed-SelfAsserted-Input string A claim that specifies whether attributes were collected from the user. - AuthenticationSource string Specifies whether the user was authenticated at Social IDP or local account. - - - - refreshTokenIssuedOnDateTime - string - Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. - Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. - - - - refreshTokensValidFromDateTime - string - Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. - Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. - - + + + refreshTokenIssuedOnDateTime + string + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + + + refreshTokensValidFromDateTime + string + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + Used to determine if the user should be permitted to reauthenticate silently via their existing refresh token. + - nca string Special parameter passed for local account authentication to login.microsoftonline.com. - grant_type string Special parameter passed for local account authentication to login.microsoftonline.com. - scope string Special parameter passed for local account authentication to login.microsoftonline.com. - objectIdFromSession boolean Parameter provided by the default session management provider to indicate that the object id has been retrieved from an SSO session. 
- isActiveMFASession boolean Parameter provided by the MFA session management to indicate that the user has an active MFA session. - - Given Name string @@ -296,7 +278,6 @@ Your given name (also known as first name). TextBox - Surname string @@ -308,16 +289,36 @@ Your surname (also known as family name or last name). TextBox - Verification Code string Enter your verification code TextBox - + + + + 1960-01-01 + Today + + + + + + + + + + + + + + + + + @@ -328,7 +329,6 @@ - @@ -337,7 +337,6 @@ - @@ -349,7 +348,6 @@ - @@ -359,7 +357,6 @@ - @@ -368,7 +365,6 @@ - @@ -377,42 +373,36 @@ - - - - - - - - - - - - - - + + + + + + + + + + + + - LineMarkers, MetaRefresh - - - ~/tenant/templates/AzureBlue/exception.cshtml + ~/tenant/templates/MSA/exception.cshtml ~/common/default_page_error.html urn:com:microsoft:aad:b2c:elements:contract:globalexception:1.2.1 Error page - - ~/tenant/templates/AzureBlue/idpSelector.cshtml + ~/tenant/templates/MSA/idpSelector.cshtml ~/common/default_page_error.html urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.1 @@ -420,9 +410,8 @@ Sign in - - ~/tenant/templates/AzureBlue/idpSelector.cshtml + ~/tenant/templates/MSA/idpSelector.cshtml ~/common/default_page_error.html urn:com:microsoft:aad:b2c:elements:contract:providerselection:1.2.1 
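Review bot: The date range added in hunk `@@ -308,16 +289,36 @@` has `1960-01-01` as its lower bound and `Today` as its upper bound; if it is the validation attached to the new `Date of Birth` claim, which the stripped markup does not let me confirm, nobody born before 1960 can complete sign-up or profile edit. I would move the minimum well back, for example `1900-01-01`, and give the predicate a help text that states the accepted range so the rejection is understandable to the user. If the service has a minimum age, an upper bound of `Today` does not enforce it, and that check needs to happen elsewhere.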
@@ -430,63 +419,56 @@ Sign up - - ~/tenant/templates/AzureBlue/unified.cshtml + ~/tenant/templates/MSA/unified.cshtml ~/common/default_page_error.html urn:com:microsoft:aad:b2c:elements:contract:unifiedssp:2.1.5 Signin and Signup - - ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/tenant/templates/MSA/selfAsserted.cshtml ~/common/default_page_error.html urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 Collect information from user page - - ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/tenant/templates/MSA/selfAsserted.cshtml ~/common/default_page_error.html urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 Collect information from user page - - ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/tenant/templates/MSA/selfAsserted.cshtml ~/common/default_page_error.html urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 Local account sign up page - - ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/tenant/templates/MSA/selfAsserted.cshtml ~/common/default_page_error.html urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 Local account change password page - - ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/tenant/templates/MSA/selfAsserted.cshtml ~/common/default_page_error.html urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 Collect information from user page - - ~/tenant/templates/AzureBlue/selfAsserted.cshtml + ~/tenant/templates/MSA/selfAsserted.cshtml ~/common/default_page_error.html urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7 @@ -494,7 +476,6 @@ - @@ -516,14 +497,13 @@ - + - @@ -541,9 +521,9 @@ https://graph.facebook.com/oauth/access_token GET 0 - json + 423796936410315 
@@ -568,6 +548,46 @@ + + google.com + Google + + + Google + + + google + https://accounts.google.com/o/oauth2/auth + https://accounts.google.com/o/oauth2/token + https://www.googleapis.com/oauth2/v1/userinfo + email profile + POST + false + 839892695110-9o8csfdf2u2s97fukvodei2chlj3okcg.apps.googleusercontent.com + + + + + + + + + + + + + + + + + + + + + + + + Local Account SignIn @@ -581,7 +601,6 @@ id_token query email openid - false POST @@ -605,26 +624,20 @@ - Azure Active Directory - Azure Active Directory - - false - - Write @@ -643,7 +656,6 @@ - @@ -659,7 +671,6 @@ - Read @@ -670,9 +681,7 @@ - - @@ -682,16 +691,13 @@ - false - - Write @@ -707,7 +713,6 @@ - @@ -722,7 +727,6 @@ - Read @@ -736,7 +740,6 @@ - @@ -749,7 +752,6 @@ - Write @@ -762,13 +764,10 @@ - - - Write @@ -782,14 +781,12 @@ - - @@ -801,7 +798,6 @@ - @@ -811,14 +807,11 @@ - - Self Asserted - User ID signup @@ -845,6 +838,7 @@ + + - User ID signup @@ -875,30 +868,32 @@ false - - - + + + + - + + @@ -906,11 +901,9 @@ - Local Account - Email signup @@ -928,11 +921,12 @@ - + + @@ -942,18 +936,18 @@ - + + - Local Account Signin @@ -983,7 +977,6 @@ - @@ -1005,13 +998,11 @@ - - Change password (username) @@ -1023,7 +1014,6 @@ - @@ -1037,10 +1027,8 @@ - - Session Management @@ -1048,7 +1036,6 @@ Noop Session Management Provider - Session Mananagement Provider @@ -1064,12 +1051,10 @@ - - Session Mananagement Provider @@ -1080,7 +1065,6 @@ - Session Management Provider @@ -1088,7 +1072,6 @@ - Trustframework Policy Engine TechnicalProfiles @@ -1101,7 +1084,6 @@ - Token Issuer @@ -1122,41 +1104,37 @@ - - - - Refresh token journey - - - Trustframework Policy Engine Refresh Token Setup Technical Profile - - - - - + + Refresh token journey + + + Trustframework Policy Engine Refresh Token Setup Technical Profile + + + + + - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + AAD SSPR @@ -1184,12 +1162,9 @@ - - - @@ -1199,7 +1174,6 @@ - @@ -1213,7 +1187,6 @@ - @@ -1227,7 +1200,6 @@ - 
@@ -1242,7 +1214,6 @@ - @@ -1271,26 +1242,24 @@ - - - - + - + - + + @@ -1317,18 +1286,15 @@ - - - @@ -1345,7 +1311,6 @@ - false @@ -1354,9 +1319,7 @@ - - @@ -1365,6 +1328,6 @@ - + \ No newline at end of file diff --git a/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml b/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml index c883703..e3dcd9c 100644 --- a/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml +++ b/VANITY_CUSTOM_B2C/TrustFrameworkExtensions.xml @@ -7,6 +7,24 @@ + + + Date of Birth + date + The user's date of birth. + Your date of birth. + DateTimeDropdown + + + + + + Mobile Phone + string + TextBox + + + userIdentities @@ -83,7 +101,30 @@ string Define whether the user is link or unlink an account + + + + + + + 1960-01-01 + Today + + + + + + + + + + + + + + + @@ -487,6 +528,8 @@ + + Facebook @@ -586,28 +629,14 @@ 0 - App Id + 839892695110-9o8csfdf2u2s97fukvodei2chlj3okcg.apps.googleusercontent.com - - - - google - https://accounts.google.com/o/oauth2/auth - https://accounts.google.com/o/oauth2/token - https://www.googleapis.com/oauth2/v1/userinfo - email profile - POST - false - 839892695110-9o8csfdf2u2s97fukvodei2chlj3okcg.apps.googleusercontent.com - - - - + @@ -629,36 +658,22 @@ Link Google - - - google - https://accounts.google.com/o/oauth2/auth - https://accounts.google.com/o/oauth2/token - https://www.googleapis.com/oauth2/v1/userinfo - email profile - POST - false - 839892695110-9o8csfdf2u2s97fukvodei2chlj3okcg.apps.googleusercontent.com + + issuers + google.com - - - - - - - - - - + + + - - - - + + - + + + OnItemAbsenceInStringCollectionClaim 
@@ -867,6 +882,100 @@ + + + + + + + + + + + + + + + + + + + objectId + SkipThisOrchestrationStep + + + + + + + + + + + + + + authenticationSource + localAccountAuthentication + SkipThisOrchestrationStep + + + + + + + + + + + + objectId + SkipThisOrchestrationStep + + + + + + + + + + + + authenticationSource + socialIdpAuthentication + SkipThisOrchestrationStep + + + + + + + + + + + objectId + SkipThisOrchestrationStep + + + + + + + + + + + + + +