SubJourneysSubJourneys

SubJourneys 可用于组织和简化用户旅程中的业务流程步骤流。Subjourneys can be used to organize and simplify the flow of orchestration steps within a user journey. 用户旅程指定策略允许信赖方应用为用户获取所需声明的显式路径。User journeys specify explicit paths through which a policy allows a relying party application to obtain the wanted claims for a user. 用户通过这些路径检索要提供给信赖方的声明。The user is taken through these paths to retrieve the claims that are to be presented to the relying party. 换言之,用户旅程定义最终用户在 Azure AD B2C 标识体验框架处理请求时所经历的业务逻辑。In other words, user journeys define the business logic of what an end user goes through as the Azure AD B2C Identity Experience Framework processes the request. 用户旅程表示为成功事务必须遵循的业务流程序列。A user journey is represented as an orchestration sequence that must be followed through for a successful transaction. 业务流程步骤的 ClaimsExchange 元素绑定到执行的单个技术配置文件The ClaimsExchange element of an orchestration step is tied to a single technical profile that executes.

Subjourney 是业务流程步骤的分组,可以在用户旅程中的任何时间点调用。A subjourney is a grouping of orchestration steps that can be invoked at any point within a user journey. 你可以使用 Subjourney 来创建可重用的步骤序列,或实现分支以更好地表示业务逻辑。You can use subjourneys to create reusable step sequences or implement branching to better represent the business logic.

备注

此功能目前以公共预览版提供。This feature is in public preview.

用户旅程分支User journey branching

Subjourney 的行为类似于用户旅程,它们都可以表示为成功事务必须遵循的业务流程序列。Subjourneys behave like user journeys, as both are represented as an orchestration sequence that must be followed through for a successful transaction. 用户旅程可以自行调用,并且需要执行 SendClaims 步骤。User journeys can be invoked on their own and require a SendClaims step to execute. Subjourney 是用户旅程的组件,不能单独调用,并且始终从用户旅程中调用。Subjourneys are components of user journeys and cannot be invoked independently, and are always called from a user journey.

分支的关键部分是允许在用户旅程中进行更好的业务逻辑处理。The key component of branching is to allow for better business logic processing in a user journey. 常见的业务流程步骤分组为单独的部分,以便分别调用。Common orchestration steps are grouped into individual pieces to be invoked separately. Subjourney 可简化将多个业务流程步骤耦合在一起(具有相同的前提条件)的旅程。A subjourney can simplify a journey where multiple orchestration steps are coupled together (having same preconditions). Subjourney 仅从用户旅程中调用,它不应调用另一个 Subjourney。A subjourney is called only from a user journey, it shouldn't call another subjourney.

有两种类型的 Subjourney:There are two types of subjourneys:

  • Call - 将控制权返回给调用方。Call - Returns control to the caller. SubJourney 执行,然后将控制权返回给用户旅程中当前正在执行的业务流程步骤。The subJourney executes, and then control is returned to the orchestration step that is currently executing within the user journey.
  • Transfer - 将控制权转移给 Subjourney(不可逆的分支)。Transfer - Transfers control to the subjourney (irreversible branching). Subjourney 必须具有 SendClaims 步骤,才能将声明返回给信赖方应用。The subjourney must have a SendClaims step to return the claims back to the relying party application.

方案示例Example scenarios

Call SubJourneyCall SubJourney

Call SubJourney 在以下情况下非常有用:A Call SubJourney is useful in the following scenarios:

  • 年龄限制:对于年龄限制,用户旅程中有许多共享组件。Age Gating: For age gating, there are many shared components among the user journeys. 分支允许将公共元素编译为可共享的组件。Branching allows to compile the common elements into sharable components.
  • 家长同意:分支允许我们访问未成年人执行的用户旅程中的声明,以及在发现用户需要同意后能够分支到家长同意用户旅程中,从而在家长同意设计中提供了便利。Parental Consent: Branching allows convenience in the parental consent design by allowing us to access claims from the user journey the minor executed, along with being able to branch into a parental consent user journey after finding the user requires consent.
  • 注册以登录:请考虑这样一种情况:用户已存在于目录中,但可能忘记了他们实际上已创建了帐户。Sign up to sign in: Consider a scenario where a user already exists in the directory but may have forgotten that they had in fact created an account. 在这种情况下,可能希望策略可以为该用户从注册流切换到登录流,而不是告诉用户他们输入的凭据已经存在,并强制用户重新开始旅程。It may be desirable in such a case that instead of telling the user that the credentials they have entered already exists and forcing the user to restart the journey that the policy can do a switch from a sign-up flow to a sign-in flow for that user.

Transfer SubJourneyTransfer SubJourney

Transfer SubJourney 在以下情况下非常有用:A Transfer SubJourney is useful in the following scenarios:

  • 显示块页。Showing a block page.
  • A/B 测试,通过将请求路由到 SubJourney 来执行和颁发令牌。A/B testing by routing the request to a SubJourney to execute and issue a token.

添加 SubJourney 元素Adding a SubJourney element

以下 xml 是 Call 类型的 SubJourney 元素的一个示例,它将控制权返回给用户旅程。The following xml is an example of a SubJourney element of type Call, which returns control back to the user journey.

<SubJourneys>
  <SubJourney Id="ConditionalAccess_Evaluation" Type="Call">
    <OrchestrationSteps>
      <OrchestrationStep Order="1" Type="ClaimsExchange">
       <ClaimsExchanges>
        <ClaimsExchange Id="ConditionalAccessEvaluation" TechnicalProfileReferenceId="ConditionalAccessEvaluation" />
       </ClaimsExchanges>
      </OrchestrationStep>
      <OrchestrationStep Order="2" Type="ClaimsExchange">
        <Preconditions>
          <Precondition Type="ClaimsExist" ExecuteActionsIf="false">
            <Value>conditionalAccessClaimCollection</Value>
            <Action>SkipThisOrchestrationStep</Action>
          </Precondition>
        </Preconditions>
        <ClaimsExchanges>
          <ClaimsExchange Id="GenerateCAClaimFlags" TechnicalProfileReferenceId="GenerateCAClaimFlags" />
        </ClaimsExchanges>
      </OrchestrationStep>
    </OrchestrationSteps>
  </SubJourney>
</SubJourneys>

以下 xml 是 Transfer 类型的 SubJourney 元素的一个示例,它将一个令牌返回给信赖方应用。The following xml is an example of a SubJourney element of type Transfer, which returns a token back to the relying party application.

<SubJourneys>
  <SubJourney Id="B" Type="Transfer">
    <OrchestrationSteps>
      ...
      <OrchestrationStep Order="5" Type="SendClaims">
    </OrchestrationSteps>
  </SubJourney>
</SubJourneys>

调用 Subjourney 步骤Invoke a subjourney step

InvokeSubJourney 类型的新业务流程步骤用于执行 Subjourney。A new orchestration step of type InvokeSubJourney is used to execute a subjourney. 以下 xml 示例显示了此业务流程步骤的所有执行元素。The following xml is an example showing all the execution elements of this orchestration step.

<OrchestrationStep Order="5" Type="InvokeSubJourney">
  <JourneyList>
    <Candidate SubJourneyReferenceId="ConditionalAccess_Evaluation" />
  </JourneyList>
</OrchestrationStep>

备注

Subjourney 不应调用另一个 Subjourney。A subjourney should not call another subjourney.

组件Components

若要定义策略支持的 Subjourney,请在策略文件的最上层元素下添加 SubJourneys 元素。To define the subjourneys supported by the policy, add a SubJourneys element under the top-level element of the policy file.

SubJourneys 元素包含以下元素:The SubJourneys element contains the following element:

元素Element 出现次数Occurrences 说明Description
SubJourneySubJourney 1:n1:n 定义完整用户流所需全部构造的 Subjourney。A subjourney that defines all of the constructs necessary for a complete user flow.

SubJourneys 元素包含以下属性:The SubJourneys element contains the following attributes:

属性Attribute 必须Required 说明Description
IDId Yes 用户旅程可用于引用策略中 SubJourney 的 SubJourney 标识符。The SubJourney identifier that can be used to by the user journey to reference the SubJourney in the policy. Candidate 元素的 SubJourneyReferenceId 元素指向此属性。The SubJourneyReferenceId element of the Candidate element points to this attribute.
类型Type Yes 可能的值:CallTransferPossible values: Call, or Transfer. 有关详细信息,请参阅用户旅程分支For more information, see User journey branching

SubJourney 元素包含以下元素:The SubJourney element contains the following element:

元素Element 出现次数Occurrences 说明Description
OrchestrationStepsOrchestrationSteps 1:n1:n 成功事务必须遵循的业务流程序列。An orchestration sequence that must be followed through for a successful transaction. 每个用户旅程都包含按顺序执行的业务流程步骤的有序列表。Every user journey consists of an ordered list of orchestration steps that are executed in sequence. 如果任何步骤失败,则事务将失败。If any step fails, the transaction fails.

OrchestrationStepsOrchestrationSteps

有关业务流程步骤元素的完整列表,请参阅 UserJourneysFor the complete list of orchestration step elements, see UserJourneys.

后续步骤Next steps

UserJourneysUserJourneys