BuildingBlocksBuildingBlocks

备注

在 Azure Active Directory B2C 中,custom policies 主要用于解决复杂方案。In Azure Active Directory B2C, custom policies are designed primarily to address complex scenarios. 大多数情况下,建议使用内置的用户流For most scenarios, we recommend that you use built-in user flows.

BuildingBlocks 元素添加到 TrustFrameworkPolicy 元素中。The BuildingBlocks element is added inside the TrustFrameworkPolicy element.

<TrustFrameworkPolicy
  xmlns:xsi="https://www.w3.org/2001/XMLSchema-instance"
  xmlns:xsd="https://www.w3.org/2001/XMLSchema"
  xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
  PolicySchemaVersion="0.3.0.0"
  TenantId="mytenant.partner.onmschina.cn"
  PolicyId="B2C_1A_TrustFrameworkBase"
  PublicPolicyUri="http://mytenant.partner.onmschina.cn/B2C_1A_TrustFrameworkBase">

  <BuildingBlocks>
    <ClaimsSchema>
      ...
    </ClaimsSchema>
    <Predicates>
    ...
    </Predicates>
    <PredicateValidations>
    ...
    </PredicateValidations>
    <ClaimsTransformations>
      ...
    </ClaimsTransformations>
    <ContentDefinitions>
      ...
    </ContentDefinitions>
    <Localization>
      ...
    </Localization>
    <DisplayControls>
      ...
    </DisplayControls>
 </BuildingBlocks>

BuildingBlocks 元素包含以下元素,必须按照定义的顺序指定:The BuildingBlocks element contains the following elements that must be specified in the order defined:

  • ClaimsSchema - 定义了可以引用为策略的一部分的声明类型。ClaimsSchema - Defines the claim types that can be referenced as part of the policy. 声明架构是发出声明类型的位置。The claims schema is the place where you declare your claim types. 声明类型类似于许多编程语言中的变量。A claim type is similar to a variable in many programmatic languages. 可以使用声明类型从应用程序的用户那里收集数据、接收来自社交标识提供者的声明、发送和接收来自自定义 REST API 的数据,也可以存储自定义策略使用的任何内部数据。You can use the claim type to collect data from the user of your application, receive claims from social identity providers, send and receive data from a custom REST API, or store any internal data used by your custom policy.

  • Predicates 和 PredicateValidationsInput - 可用于执行验证过程,以确保仅向声明输入格式正确的数据。Predicates and PredicateValidationsInput - Enables you to perform a validation process to ensure that only properly formed data is entered into a claim.

  • ClaimsTransformations - 包含可在策略中使用的一系列声明转换。ClaimsTransformations - Contains a list of claims transformations that can be used in your policy. 声明转换可以将一个声明转换为另一个声明。A claims transformation converts one claim into another. 在声明转换中,可以指定转换方法,如:In the claims transformation, you specify a transform method, such as:

    • 将字符串声明的大小写更改为指定的大小写。Changing the case of a string claim to the one specified. 例如,将字符串从小写更改为大写。For example, changing a string from lowercase to uppercase.
    • 比较两个声明并返回带 true 值的声明,指示声明匹配,否则为 false。Comparing two claims and returning a claim with true indicating that the claims match, otherwise false.
    • 基于策略中提供的参数创建字符串声明。Creating a string claim from the provided parameter in the policy.
    • 使用随机数生成器创建随机字符串。Creating a random string using the random number generator.
    • 根据提供的格式字符串格式化声明。Formatting a claim according to the provided format string. 此转换将使用 C# String.Format 方法。This transformation uses the C# String.Format method.
  • InputValidation - 此元素允许执行布尔聚合(类似于 and 和 or )。InputValidation - This element allows you to perform boolean aggregations that are similar to and and or.

  • ContentDefinitions - 包含在用户旅程中使用的 HTML5 模板的 URL。ContentDefinitions - Contains URLs for HTML5 templates to use in your user journey. 在自定义策略中,内容定义定义用于用户旅程中指定 UI 步骤的 HTML5 页面 URI。In a custom policy, a content definition defines the HTML5 page URI that's used for a specified step in the user journey. 例如,登录或注册、密码重置或错误页面。For example, the sign-in or sign-up, password reset, or error pages. 可以通过重写 HTML5 文件的 LoadUri 来修改外观。You can modify the look and feel by overriding the LoadUri for the HTML5 file. 也可根据需要创建新的内容定义。Or you can create new content definitions according to your needs. 此元素可能包含使用本地化 ID 的本地化资源引用。This element may contain a localized resources reference using a localization ID.

  • Localization - 使你能够支持多种语言。Localization - Allows you to support multiple languages. 策略中的本地化支持允许你在策略中设置支持语言列表并选择默认语言。The localization support in policies allows you set up the list of supported languages in a policy and pick a default language. 此外支持特定于语言的字符串和集合。Language-specific strings and collections are also supported.

  • DisplayControls - 定义要在页面上显示的控件。DisplayControls - Defines the controls to be displayed on a page. 显示控件具有特殊功能,并与后端验证技术配置文件交互。Display controls have special functionality and interact with back-end validation technical profiles. 显示控件目前处于预览阶段 。Display controls are currently in preview.