We have an older CMS (Kentico 11), which is ASP.NET-based (not Core, not Blazor, not MVC) with a target framework of .NET Framework 4.6.1. For various reasons we can't just replace it any time soon. As part of the process of replacing our web offerings gradually we would like to build in a piece that will authenticate against our Azure AD B2C tenant so the old CMS content and the new pieces we roll out can be using the same authentication authority.
Obviously this older code base does not include any support for more recent Microsoft Identity interactions. The problem we've had is, we are rank beginners at this, and all of the documentation and tutorials are based on .NET Core/Blazor, and assume you have or can upgrade to the most recent SDKs. We are quite happy to begin working at a lower level of abstraction than the Microsoft.Identity libraries but have been unable to find any documentation of anything below that.
Where can we find documentation of the specifications for interacting with Azure B2C (what do we need to send in the auth hand-off, and what can we expect to see in an OpenID token)? If that's deliberately not published for some reason, what other possibilities are there for tying an older code base to B2C?