Andreas Helland ahelland

## monitoring-lb.yaml
apiVersion: v1
kind: Service
metadata:
  namespace: monitoring
  name: grafana
  labels:
    app.kubernetes.io/instance: grafana
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: grafana
    app.kubernetes.io/version: 7.5.5

## SendSignInLinkAsync.cs
 protected async Task SendSignInLinkAsync()
{
    string email = mailer.to.Email;
    string token = BuildIdToken(email);
    string link = BuildUrl(token);
    string htmlTemplate = System.IO.File.ReadAllText("SignInTemplate.html");

    var apiKey = configuration.GetSection("MailerSettings")["SendGridApiKey"];
    var client = new SendGridClient(apiKey);
    var plainTextContent = "You should be seeing a SignIn link below.";

## B2C_1A_Signup_Invitation.xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<TrustFrameworkPolicy
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
  PolicySchemaVersion="0.3.0.0"
  TenantId="yourtenant.onmicrosoft.com"
  PolicyId="B2C_1A_signup_invitation"
  PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_signup_invitation">

## B2C_1A_Signin_With_Email.xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<TrustFrameworkPolicy
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
  PolicySchemaVersion="0.3.0.0"
  TenantId="yourtenant.onmicrosoft.com"
  PolicyId="B2C_1A_signin_with_email"
  PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_signin_with_email">

## BuildIdToken.cs
public static string BuildIdToken(string Subject)
{
    string issuer = jwt.Issuer;
    string audience = jwt.Audience;

    IList<System.Security.Claims.Claim> claims = new List<System.Security.Claims.Claim>();
    claims.Add(new System.Security.Claims.Claim("ver", jwt.Version, System.Security.Claims.ClaimValueTypes.String, issuer));
    claims.Add(new System.Security.Claims.Claim("sub", Subject, System.Security.Claims.ClaimValueTypes.String, issuer));
    claims.Add(new System.Security.Claims.Claim("iat", jwt.iat, System.Security.Claims.ClaimValueTypes.String, issuer));
    claims.Add(new System.Security.Claims.Claim("name", jwt.name, System.Security.Claims.ClaimValueTypes.String, issuer));

## B2C_1A_TrustFrameworkExtensions_Dev.xml
<ClaimsProvider>
    <Domain>Apple</Domain>
        <DisplayName>Apple</DisplayName>
        <TechnicalProfiles>
            <TechnicalProfile Id="AppleID">
            <DisplayName>Sign in with Apple</DisplayName>
            <Protocol Name="OpenIdConnect" />
            <Metadata>
                <Item Key="client_id">%apple-client-id%</Item>
                <Item Key="UsePolicyInRedirectUri">0</Item>

## HRD_Internal.xml
<UserJourney Id="HRD_Internal">
     <OrchestrationSteps>
       <OrchestrationStep Order="1" Type="ClaimsExchange">
         <ClaimsExchanges>
           <ClaimsExchange Id="pre-hrd" TechnicalProfileReferenceId="SelfAsserted-EmailCollect" />
         </ClaimsExchanges>
       </OrchestrationStep>
       <OrchestrationStep Order="2" Type="ClaimsExchange">
         <ClaimsExchanges>
           <ClaimsExchange Id="HRD" TechnicalProfileReferenceId="HRD_Function" />

## HRD_External.xml
<UserJourney Id="HRD_External">
     <OrchestrationSteps>
       <OrchestrationStep Order="1" Type="ClaimsExchange">
         <ClaimsExchanges>
           <ClaimsExchange Id="HRD" TechnicalProfileReferenceId="HRD_Function" />
         </ClaimsExchanges>
       </OrchestrationStep>
       <OrchestrationStep Order="2" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
         <Preconditions>
           <Precondition Type="ClaimsExist" ExecuteActionsIf="true">

## gist:c7a44b2358f941d1e0c2adcc0302ab70
<ClaimsProvider>
     <DisplayName>REST APIs - HRD</DisplayName>
     <TechnicalProfiles>
       <TechnicalProfile Id="HRD_Function">
         <DisplayName>Do an IdP lookup based on email</DisplayName>
         <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
         <Metadata>
           <Item Key="ServiceUrl">https://b2c-backend/api/HRD?code=foobar</Item>
           <Item Key="AuthenticationType">None</Item>
           <Item Key="SendClaimsIn">Body</Item>

## run.csx
#r "Newtonsoft.Json"

using System;
using System.Net;
using System.Net.Http.Formatting;
using Newtonsoft.Json;

public static async Task<object> Run(HttpRequestMessage request, TraceWriter log)
{
    log.Info($"Webhook was triggered!");
	apiVersion: v1
	kind: Service
	metadata:
	namespace: monitoring
	name: grafana
	labels:
	app.kubernetes.io/instance: grafana
	app.kubernetes.io/managed-by: Helm
	app.kubernetes.io/name: grafana
	app.kubernetes.io/version: 7.5.5
	protected async Task SendSignInLinkAsync()
	{
	string email = mailer.to.Email;
	string token = BuildIdToken(email);
	string link = BuildUrl(token);
	string htmlTemplate = System.IO.File.ReadAllText("SignInTemplate.html");

	var apiKey = configuration.GetSection("MailerSettings")["SendGridApiKey"];
	var client = new SendGridClient(apiKey);
	var plainTextContent = "You should be seeing a SignIn link below.";
	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
	<TrustFrameworkPolicy
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
	xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
	PolicySchemaVersion="0.3.0.0"
	TenantId="yourtenant.onmicrosoft.com"
	PolicyId="B2C_1A_signup_invitation"
	PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_signup_invitation">
	public static string BuildIdToken(string Subject)
	{
	string issuer = jwt.Issuer;
	string audience = jwt.Audience;

	IList<System.Security.Claims.Claim> claims = new List<System.Security.Claims.Claim>();
	claims.Add(new System.Security.Claims.Claim("ver", jwt.Version, System.Security.Claims.ClaimValueTypes.String, issuer));
	claims.Add(new System.Security.Claims.Claim("sub", Subject, System.Security.Claims.ClaimValueTypes.String, issuer));
	claims.Add(new System.Security.Claims.Claim("iat", jwt.iat, System.Security.Claims.ClaimValueTypes.String, issuer));
	claims.Add(new System.Security.Claims.Claim("name", jwt.name, System.Security.Claims.ClaimValueTypes.String, issuer));
	<ClaimsProvider>
	<Domain>Apple</Domain>
	<DisplayName>Apple</DisplayName>
	<TechnicalProfiles>
	<TechnicalProfile Id="AppleID">
	<DisplayName>Sign in with Apple</DisplayName>
	<Protocol Name="OpenIdConnect" />
	<Metadata>
	<Item Key="client_id">%apple-client-id%</Item>
	<Item Key="UsePolicyInRedirectUri">0</Item>
	<UserJourney Id="HRD_Internal">
	<OrchestrationSteps>
	<OrchestrationStep Order="1" Type="ClaimsExchange">
	<ClaimsExchanges>
	<ClaimsExchange Id="pre-hrd" TechnicalProfileReferenceId="SelfAsserted-EmailCollect" />
	</ClaimsExchanges>
	</OrchestrationStep>
	<OrchestrationStep Order="2" Type="ClaimsExchange">
	<ClaimsExchanges>
	<ClaimsExchange Id="HRD" TechnicalProfileReferenceId="HRD_Function" />
	<UserJourney Id="HRD_External">
	<OrchestrationSteps>
	<OrchestrationStep Order="1" Type="ClaimsExchange">
	<ClaimsExchanges>
	<ClaimsExchange Id="HRD" TechnicalProfileReferenceId="HRD_Function" />
	</ClaimsExchanges>
	</OrchestrationStep>
	<OrchestrationStep Order="2" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
	<Preconditions>
	<Precondition Type="ClaimsExist" ExecuteActionsIf="true">
	<ClaimsProvider>
	<DisplayName>REST APIs - HRD</DisplayName>
	<TechnicalProfiles>
	<TechnicalProfile Id="HRD_Function">
	<DisplayName>Do an IdP lookup based on email</DisplayName>
	<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
	<Metadata>
	<Item Key="ServiceUrl">https://b2c-backend/api/HRD?code=foobar</Item>
	<Item Key="AuthenticationType">None</Item>
	<Item Key="SendClaimsIn">Body</Item>
	#r "Newtonsoft.Json"

	using System;
	using System.Net;
	using System.Net.Http.Formatting;
	using Newtonsoft.Json;

	public static async Task<object> Run(HttpRequestMessage request, TraceWriter log)
	{
	log.Info($"Webhook was triggered!");