Renaming policy to userFlow

Author: Tiago Brenck

Microsoft.Identity.Web/AuthorityHelpers.cs

@@ -29,11 +29,11 @@ internal static string BuildAuthority(MicrosoftIdentityOptions options)
             var pathBase = baseUri.PathAndQuery.TrimEnd('/');
             var domain = options.Domain;
 
-            // If there are policies, then it must build a B2C authority 
-            if (!string.IsNullOrWhiteSpace(options.DefaultPolicy))
+            // If there are user flows, then it must build a B2C authority 
+            if (!string.IsNullOrWhiteSpace(options.DefaultUserFlow))
             {
-                var policy = options.DefaultPolicy;
-                return new Uri(baseUri, new PathString($"{pathBase}/{domain}/{policy}/v2.0")).ToString();
+                var userFlow = options.DefaultUserFlow;
+                return new Uri(baseUri, new PathString($"{pathBase}/{domain}/{userFlow}/v2.0")).ToString();
             }
 
             else

Microsoft.Identity.Web/AzureADB2COpenIDConnectEventHandlers.cs

@@ -27,29 +27,29 @@ public AzureADB2COpenIDConnectEventHandlers(string schemeName, MicrosoftIdentity
 
         public Task OnRedirectToIdentityProvider(RedirectContext context)
         {
-            var defaultPolicy = Options.DefaultPolicy;
+            var defaultUserFlow = Options.DefaultUserFlow;
             if (context.Properties.Items.TryGetValue(OidcConstants.PolicyKey, out var policy) &&
                 !string.IsNullOrEmpty(policy) &&
-                !string.Equals(policy, defaultPolicy, StringComparison.OrdinalIgnoreCase))
+                !string.Equals(policy, defaultUserFlow, StringComparison.OrdinalIgnoreCase))
             {
                 context.ProtocolMessage.Scope = OpenIdConnectScope.OpenIdProfile;
                 context.ProtocolMessage.ResponseType = OpenIdConnectResponseType.IdToken;
-                context.ProtocolMessage.IssuerAddress = BuildIssuerAddress(context, defaultPolicy, policy);
+                context.ProtocolMessage.IssuerAddress = BuildIssuerAddress(context, defaultUserFlow, policy);
                 context.Properties.Items.Remove(OidcConstants.PolicyKey);
             }
 
             return Task.CompletedTask;
         }
 
-        private string BuildIssuerAddress(RedirectContext context, string defaultPolicy, string policy)
+        private string BuildIssuerAddress(RedirectContext context, string defaultUserFlow, string userFlow)
         {
-            if (!_policyToIssuerAddress.TryGetValue(policy, out var issuerAddress))
+            if (!_policyToIssuerAddress.TryGetValue(userFlow, out var issuerAddress))
             {
-                _policyToIssuerAddress[policy] = context.ProtocolMessage.IssuerAddress.ToLowerInvariant()
-                    .Replace($"/{defaultPolicy.ToLowerInvariant()}/", $"/{policy.ToLowerInvariant()}/");
+                _policyToIssuerAddress[userFlow] = context.ProtocolMessage.IssuerAddress.ToLowerInvariant()
+                    .Replace($"/{defaultUserFlow.ToLowerInvariant()}/", $"/{userFlow.ToLowerInvariant()}/");
             }
 
-            return _policyToIssuerAddress[policy];
+            return _policyToIssuerAddress[userFlow];
         }
 
         public Task OnRemoteFailure(RemoteFailureContext context)
@@ -65,7 +65,7 @@ public Task OnRemoteFailure(RemoteFailureContext context)
             if (context.Failure is OpenIdConnectProtocolException && context.Failure.Message.Contains("AADB2C90118"))
             {
                 // If the user clicked the reset password link, redirect to the reset password route
-                context.Response.Redirect($"{context.Request.PathBase}/AzureADB2C/Account/ResetPassword/{SchemeName}");
+                context.Response.Redirect($"{context.Request.PathBase}/MicrosoftIdentity/Account/ResetPassword/{SchemeName}");
             }
             // Access denied errors happen when a user cancels an action on the Azure Active Directory B2C UI. We just redirect back to
             // the main page in that case.
@@ -79,7 +79,7 @@ public Task OnRemoteFailure(RemoteFailureContext context)
             }
             else
             {
-                context.Response.Redirect($"{context.Request.PathBase}/AzureADB2C/Account/Error");
+                context.Response.Redirect($"{context.Request.PathBase}/MicrosoftIdentity/Account/Error");
             }
 
             return Task.CompletedTask;

Microsoft.Identity.Web/MicrosoftIdentityOptions.cs

@@ -38,10 +38,10 @@ public class MicrosoftIdentityOptions : OpenIdConnectOptions
         public string ResetPasswordPolicyId { get; set; }
 
         /// <summary>
-        /// Gets or sets the default policy.
+        /// Gets the default user flow (which is signUpsignIn).
         /// </summary>
-        public string DefaultPolicy => SignUpSignInPolicyId;
+        public string DefaultUserFlow => SignUpSignInPolicyId;
 
-        internal bool IsB2C { get { return !string.IsNullOrWhiteSpace(DefaultPolicy); } }
+        internal bool IsB2C { get { return !string.IsNullOrWhiteSpace(DefaultUserFlow); } }
     }
 }

Microsoft.Identity.Web/TokenAcquisition.cs

@@ -314,7 +314,7 @@ private IConfidentialClientApplication BuildConfidentialClientApplication()
 
             if (microsoftIdentityOptions.IsB2C)
             {
-                authority = $"{applicationOptions.Instance.TrimEnd('/')}/tfp/{microsoftIdentityOptions.Domain}/{microsoftIdentityOptions.DefaultPolicy}";
+                authority = $"{applicationOptions.Instance.TrimEnd('/')}/tfp/{microsoftIdentityOptions.Domain}/{microsoftIdentityOptions.DefaultUserFlow}";
                 app = ConfidentialClientApplicationBuilder
                     .CreateWithApplicationOptions(applicationOptions)
                     .WithRedirectUri(currentUri)
@@ -418,7 +418,7 @@ private async Task<string> GetAccessTokenOnBehalfOfUserFromCacheAsync(
                 // Acquire an access token as another B2C authority
                 if (_microsoftIdentityOptions.IsB2C)
                 {
-                    string authority = application.Authority.Replace(new Uri(application.Authority).PathAndQuery, $"/tfp/{tenant}/{_microsoftIdentityOptions.DefaultPolicy}");
+                    string authority = application.Authority.Replace(new Uri(application.Authority).PathAndQuery, $"/tfp/{tenant}/{_microsoftIdentityOptions.DefaultUserFlow}");
                     result = await application
                         .AcquireTokenSilent(scopes.Except(_scopesRequestedByMsal), account)
                         .WithB2CAuthority(authority)