azure-functions-net-worker

Sample for the authentication package

Install using dotnet add package FrodeHus.Azure.FunctionsNETWorker.Authentication --version 1.0.0

The middleware expects Azure AD configuration in the form of:

{
    "AzureAd": {
        "Instance": "https://login.microsoftonline.com/",
        "TenantId": "your tenant id",
        "ClientId": "your application id"
    }
}

public static void Main()
        {
            var host = new HostBuilder()
             .ConfigureAppConfiguration(c =>
                {
                    c.AddJsonFile("appsettings.json", optional: false, reloadOnChange: true);
                    c.Build();
                })
                .ConfigureServices((b, s) =>
                {
                    s.AddOptions();
                    s.Configure<AzureAdConfig>(b.Configuration.GetSection("AzureAd"));
                })
                .ConfigureFunctionsWorkerDefaults(app => app.UseMiddleware<AuthenticationMiddleware>())
                .Build();

            host.Run();
        }

To verify authorization, you can tag your functions with [RequireRoles("User,Admin")] and then call the extension method FunctionContext.VerifyUserRoles() like in this example:

        [Function("SecureFunc")]
        [RequireRole("Access.Basic")]
        public async Task<HttpResponseData> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get")] HttpRequestData req,
            FunctionContext executionContext)
        {
            if (!executionContext.VerifyUserRoles())
            {
                return req.CreateResponse(HttpStatusCode.Forbidden);
            }

            var response = req.CreateResponse(HttpStatusCode.OK);
            return response;
        }