stackoom
  简体   繁体   中英

Azure Function App: Authentication Breaks Development Portal

 原文  2016-11-16 08:45:49       azure/ azure-functions

Question

I've added Azure Active Directory Authentication to my function app, but as soon as I set "Action to take when request is not authenticated" to "Login with Azure Active Directory", the development interface for the function app yields this message:

Error: We are unable to reach your function app. Your app could be having a temporary issue or may be failing to start. You can check logs or try again in a couple of minutes. Session Id: 23a5880ec94743f5a9d3ac705515b294 Timestamp: 2016-11-16T08:36:54.242Z

Presumably adding the authentication requirement breaks access to the function app in some fashion... though I am able to make changes in the code editor, and they do take effect, I no longer see updates in the log panel: no compilation output messages, for example.

Does anyone know a work-around for this?

So far, I've tried just leaving the auth option to "Allow anonymous requests (no action)" and using this following code: 

public static async Task<HttpResponseMessage> Run(HttpRequestMessage req, TraceWriter log)
{
    log.Info("C# HTTP trigger function processed a request.");

    var user = "Anonymous";
    var claimsPrincipal = Thread.CurrentPrincipal as ClaimsPrincipal;
    if (claimsPrincipal != null && claimsPrincipal.Identity.IsAuthenticated)
    {
        user = claimsPrincipal.Identity.Name;
        log.Info($"Hello {user}");    
    }       

    return req.CreateResponse(HttpStatusCode.OK, "Hello " + user);        
}

However, this (rightly) doesn't redirect to the authentication provider... I would prefer to have the app take care of all that gunge for me, but if doing so means I can't see compilation messages / log messages, it makes it pretty hard to see what's going on.

1 answers

solution1
 4 ACCPTED  2016-11-16 16:09:05

Nathan,

Unfortunately, this is a limitation at the moment and we're tracking it here: https://github.com/projectkudu/AzureFunctionsPortal/issues/794

Your approach, to allow anonymous and validate in the function is what we recommend at the moment. To extend your workaround, you can add the following code to initiate a login redirect when you detect an anonymous user (the code below assumes you are using AAD). 

else
{
    log.Info("Received an anonymous request! Redirecting...");
    var res = req.CreateResponse(HttpStatusCode.Redirect);
    res.Headers.Location = new Uri(req.RequestUri, $"/.auth/login/aad?post_login_redirect_uri={req.RequestUri.AbsolutePath}&token_mode=session");
    return res;
}

We understand that isn't ideal and appreciate your patience while we work to improve this.

Thanks!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Resetting server admin password in Azure portal breaks deployed app Securing Function App via 'Authentication' blade in Azure Portal vs. manually in Startup.cs azure portal login authentication Custom Authentication for Azure Portal SignalR usage in Azure Function App and publishing on portal Azure Functions not showing up in Function app in portal Setting Azure Function app settings with VSTS without exposing in the Azure Portal How to call function App in Azure portal from .NET Core API Can't download app content of azure function via portal How to Edit Function-app Code in Azure portal
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM