rbrayb / PASSKEY_FIX_DOCUMENTATION.md
Last active December 7, 2025 01:19
An issue with the .NET 10 passkey implementation and 1Password

Passkey Fix Documentation for 1Password Compatibility

Overview

This document details the changes made to fix passkey authentication issues with 1Password and other authenticators in the Blazor application. The primary issue was related to improper serialization of WebAuthn credential data, specifically the handling of ArrayBuffer fields and required JSON properties.

Error Messages Resolved

  1. Initial Error: The attestation credential JSON had an invalid format: Expected a valid base64url string.
  2. Secondary Error: credential.toJSON is not a function
  3. Final Error: JSON deserialization for type 'Microsoft.AspNetCore.Identity.PublicKeyCredential' was missing required properties including: 'clientExtensionResults'.
@rbrayb
rbrayb / PasskeySubmit.razor.js
Created December 7, 2025 00:51
An issue with the .NET 10 passkey implementation and 1Password
const browserSupportsPasskeys =
typeof navigator.credentials !== 'undefined' &&
typeof window.PublicKeyCredential !== 'undefined' &&
typeof window.PublicKeyCredential.parseCreationOptionsFromJSON === 'function' &&
typeof window.PublicKeyCredential.parseRequestOptionsFromJSON === 'function';
// Passkey fix: Helper function to convert ArrayBuffer to base64url string
// Base64url encoding is required by WebAuthn spec - it's base64 but URL-safe
// (replaces + with -, / with _, and removes padding =)
function arrayBufferToBase64Url(buffer) {
@rbrayb
rbrayb / Markdown.md
Created December 2, 2025 22:41
Markdown
| Category | B2C Capability | External ID Status | Difference | Migration Action | Gotcha | Citations |
| --- | --- | --- | --- | --- | --- | --- |
| Local Accounts | Native local username/password authentication | Native support with email/phone | Same core capability | Direct migration via Graph API | - | - |
| Social Identity Providers | Google, Facebook, Microsoft Account, etc. | Native support for major providers | Same integration model | Reconfigure identity providers in External ID | - | learn.microsoft.com |
| Custom Identity Providers (OIDC) | Generic OIDC federation | Native OIDC support | Similar configuration | Recreate OIDC apps in External ID | - | - |
| SAML Federation | SAML 2.0 enterprise federation | Supported via Entra ID federation | Requires Entra ID premium SKU | Migrate SAML trust to Entra federation | SAML requires premium license in External ID | [learn.microsoft.com](https://learn.mic
@rbrayb
rbrayb / LinkEEIDUser.ps1
Created November 25, 2025 01:32
Using PowerShell 7 with Entra External ID (EEID) to link identities
# If you haven't done this already...
# Install-Module -Name Microsoft.Graph -Repository PSGallery -Scope CurrentUser -Force -AllowClobber
# Install-Module -Name Microsoft.Entra -Repository PSGallery -Scope CurrentUser -Force -AllowClobber
# Import-Module Microsoft.Graph
# Import-Module Microsoft.Entra
# Sign in interactively to your EEID tenant.
Connect-MgGraph -Scopes 'User.ReadWrite.All', 'Directory.ReadWrite.All'
# Update your values
@rbrayb
rbrayb / B2C_1A_Extension_OrchestrateToCiam_PwdMigrate_Hybrid.xml
Created August 14, 2025 15:48
Some notes on migrating from Azure AD B2C to Entra External ID (EEID) (Part 2)
<TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0"
TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_OrchestrateToCiam_PwdMigrate_Hybrid"
PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_OrchestrateToCiam_PwdMigrate_Hybrid"
DeploymentMode="Development"
UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights">
<!--
Please modify policyId to save the policy.
@rbrayb
rbrayb / B2C_1A_Extension_OrchestrateToCiam_FullMigrate_Hybrid.xml
Created July 16, 2025 05:15
Some notes on migrating from Azure AD B2C to Entra External ID (EEID) (Part 1)
<TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0"
TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_OrchestrateToCiamV_FullMigrate_Hybrid"
PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_OrchestrateToCiamV_FullMigrate_Hybrid"
DeploymentMode="Development"
UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights">
<!--
Please modify policyId to save the policy.
@rbrayb
rbrayb / ManagePhoneNumber.cs
Created June 13, 2025 05:12
Provisioning user MFA programmatically in Azure AD B2C
using Azure.Identity;
using Microsoft.Graph;
using Microsoft.Graph.Models;
using Microsoft.Graph.Models.ODataErrors;
using Microsoft.Identity.Client;
using System;
using System.Threading.Tasks;
namespace GraphPhoneAuthenticationDemo
{
@rbrayb
rbrayb / Program.cs
Created April 5, 2025 23:43
Validating the ID and Access JWT signature in Entra External ID
using Microsoft.IdentityModel.Logging;
using Microsoft.IdentityModel.Tokens;
using Newtonsoft.Json.Linq;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Cryptography;
using System.Text;
class Program
{
// https://xsreality.medium.com/making-azure-ad-oidc-compliant-5734b70c43ff
@rbrayb
rbrayb / ciamHelper.cs
Created March 31, 2025 02:52
Using Azure AD B2C custom policies to implement Profile Edit on Entra External ID with Native auth
if (method == "auth")
{
Console.WriteLine("\n" + "Authenticating user");
using (var httpClient = new HttpClient())
{
// Add Host header
httpClient.DefaultRequestHeaders.Host = "externaltenant.ciamlogin.com";
// Step 1: Initiate
@rbrayb
rbrayb / B2C_1A_Extension_OrchestrateToCiam_PE.xml
Created March 30, 2025 22:24
Using Azure AD B2C custom policies to implement Profile Edit on Entra External ID
<TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0"
TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_OrchestrateToCiamV2_PE"
PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_OrchestrateToCiamV2_PE"
DeploymentMode="Development"
UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights">
<BasePolicy>
<TenantId>tenant.onmicrosoft.com</TenantId>