Menu
I have been looking for a way for azure function custom authentication. I could see many out of the box authentication including function keys, AD authentication, and other identity providers. My scenario is to authenticate azure function only for those logged into the web application using a custom user name and password, which I have stored in the database. Is there an out of the box implementation for that? Any help would be much appreciated
772
I came across a similar problem as I wanted to authenticate requests using JWT access tokens issued by an external OAuth server. There’s no convenient middleware that lets you do this, but you can create a custom input binding that lets you inject something like a ClaimsPrincipal into the function definition, e.g.
[FunctionName("ExampleHttpFunction")]
public static async Task<IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "example")] HttpRequest req,
ILogger log,
[AccessToken] ClaimsPrincipal principal)
{
log.LogInformation($"Request received for {principal.Identity.Name}.");
return new OkResult();
}
This separates authentication from the function itself, making it easier to test, though you'll still need to add in authorization checks and explicitly return 40x status codes.
The binding SDK isn't that well documented and you'll need to wire together half a dozen different classes to make it work, but I have written up the detail here: Custom token authentication in Azure Functions using bindings. The code itself is posted on GitHub – just replace the code in the IValueProvider implementation with your own authentication method.
I hope this helps. The alternative, I guess, is to write some boiler plate code that you add into every function?
144
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
