Add support for custom authentication handlers #6805
Today if you try to overwrite a service that we've registered, it can cause problems. We have a fairly vague explanation of this here: https://docs.microsoft.com/en-us/azure/azure-functions/functions-dotnet-dependency-injection#overriding-host-services.
Customers that try to add their own authentication in a FunctionsStartup can run into odd errors later like
One example would be doing this in your startup:
We should add a way to allow auth handlers from Startup compose with the built-in functions handlers. Or another alternative may be to prevent custom handlers from impacting
The text was updated successfully, but these errors were encountered:
I drilled down investigating what is causing this issue and found out that Azure Function Host has internal logic that is calling "builder.Services.AddAuthentication()" after the client Startup.cs is executed and since in your Startup.cs is already present "builder.Services.AddAuthentication()" the internal one will be ignored.
Here is the link to internal authentication registration:
Line 46 in 852eed9
Here is a "AddAuthentication()" internal logic that ignores the subsequent services registration:
So workaround would be to use dynamic Authentication Schema registration and not to call "builder.Services.AddAuthentication()" at startup.
Dynamic schema registration example:
My use case:
My old code in Startup.cs:
My new code in Startup.cs:
Please note that I use custom scheme since Azure Function uses 3 default schemes (including Bearer) so I have to use different one for my custom authentication
Now you can authenticate to your function with custom scheme
@nazar-kuzo Awesome ✨
Basically it is the same API but they implement interface so you dont need to explicitly call it