答案是肯定的,AD B2C用户流程会将特定属性转换为签名JWT。具体而言,它会将用户ID(即用户的唯一标识符)转换为签名JWT,并将其填充到ID token的'sub”字段中。下面是示例代码:
// Create claims for JWT var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, userId), new Claim(JwtRegisteredClaimNames.Iat, issuedAt), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) };
// Create JWT var jwt = new JwtSecurityToken( audience: audience, issuer: issuer, claims: claims, expires: expires, signingCredentials: signingCredentials);
// Serialize JWT var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
// Return ID token containing JWT return new JObject { ["id_token"] = encodedJwt };