I have a requirement to authenticate a Liferay DXP version 7.2 application with Azure B2C.
I have configured my Azure B2C application and was able to authenticate and retrieve an access token. But I am not sure which endpoint I should provide to retrieve user information, basically to get a UserInfoResponse response.
I have tried multiple endpoint URLs -
Request - https://login.microsoftonline.com/common/openid/userinfo
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6Il…
Response - BLANK
Request - https://graph.microsoft.com/oidc/userinfo
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6Il…
Response - "error" :{ "code": "InvalidAuthenticationToken",
"message": "Access token validation failure."... }
Request - https://graph.microsoft.com/v1.0/me
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6Il…
Response - <Could not get response>
Below are the details of my authorization Request -
Request URL: https://azurewithliferay.b2clogin.com/azurewithliferay.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_liferay&scope=openid+[application-client-id]+profile+email&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fc%2Fportal%2Flogin%2Fopenidconnect&state=rDhDsNOtXoMzZK-FyOwmpEfCKleOAsDJk5iM9OFRv2M&nonce=CdBdbfVVSBIM1NxOG6&client_id=[application-client-id]
Response - state and code
Then I passed that code in token API -
Request - curl --location --request GET https://azurewithliferay.b2clogin.com/azurewithliferay.onmicrosoft.com/oauth2/v2.0/token?p=b2c_1_liferay&grant_type=authorization_code&client_id=85f511b...&nonce=defaultNonce&scope=openid%[application-client-id]%20profile%20email&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fc%2Fportal%2Flogin%2Fopenidconnect&code=[code from authorize request]&client_secret=[app secret key]
Response -
{
"access_token": "eyJ0eXAiOiJKV1QiL.....",
"id_token": "eyJ0eXAiOiJKV1QiLCJhbGciO.....",
"token_type": "Bearer",
"not_before": 1603306931,
"expires_in": 3600,
"expires_on": 1603310531,
"resource": "[application client id]",
"id_token_expires_in": 3600,
"profile_info": "eyJ2ZXIiOiIxLjAiLCJ0aW.....",
"scope": "/ openid"
}
On passing this access code I can get information from https://jwt.ms/.
But my application framework, Liferay, needs a user information response obtained by requesting the UserInformationEndPoint with the access token, and the expected response is a com.nimbusds.openid.connect.sdk.UserInfoResponse.
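Added example, not part of the original post: the token inspection that jwt.ms performs can be done locally, which also shows which issuer and audience an access token was minted for before it is sent to a UserInfo endpoint. The sample token, the placeholder client id and the issuer URL are constructed, and the code assumes the token's `aud`, `nbf` and `exp` claims correspond to the `resource`, `not_before` and `expires_on` fields of the token response shown above.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def decode_claims(jwt: str) -> dict:
    """Return the payload claims WITHOUT verifying the signature (inspection only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated segments")
    return json.loads(b64url_decode(parts[1]))

def compare_with_token_response(resp: dict) -> dict:
    """Check that the access-token claims agree with the token response fields."""
    claims = decode_claims(resp["access_token"])
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    return {
        "issuer": claims.get("iss"),
        "audience_matches_resource": resp["resource"] in audiences,
        "nbf_matches": claims.get("nbf") == resp["not_before"],
        "exp_matches": claims.get("exp") == resp["expires_on"],
    }

def make_sample_token(claims: dict) -> str:
    # Constructed sample: the signature segment is a dummy value, not a real signature.
    header = {"typ": "JWT", "alg": "RS256"}
    body = [json.dumps(header).encode(), json.dumps(claims).encode()]
    return ".".join([b64url_encode(p) for p in body] + ["c2ln"])

# Constructed values (assumptions): placeholder client id and example issuer.
CLIENT_ID = "00000000-0000-0000-0000-000000000000"
SAMPLE_RESPONSE = {
    "access_token": make_sample_token({
        "iss": "https://example.b2clogin.com/placeholder-tenant-id/v2.0/",
        "aud": CLIENT_ID, "nbf": 1603306931, "exp": 1603310531}),
    "not_before": 1603306931,
    "expires_on": 1603310531,
    "resource": CLIENT_ID,
}

if __name__ == "__main__":
    print(json.dumps(compare_with_token_response(SAMPLE_RESPONSE), indent=2))
```

This only decodes the claims for inspection; it does not verify the signature, so its output must not be used as an authentication decision.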