Windows store application to authenticate against azure function
Question
I'm trying to replicate the following example https://github.com/Azure-Samples/active-directory-dotnet-windows-store (a Windows store application authenticating against azure AD), but I'm replacing the Web App by an Azure Function.
In the Function, the code checking whether the user is logged in is the following:
ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/scope").Value.Contains("user_impersonation"))
but this does not contain the required values, and other calls don't return any value either (eg ClaimsPrincipal.Current.FindFirst(ClaimTypes.GivenName));
Do you have any idea what is going on?
2 answers
solution1
0 2017-06-07 05:45:10
It doesn't relative to whether the code run in web App or Azure Function. The root reason is that the difference parameter/way you acquire the token.
When you protect the Azure function with Azure AD and associate the token with the request, it also parse the token and read the claims in the token and construct the ClaimsPrincipal object.
You can parse the token in this site to check whether the claims you expected in the token.
solution2
0 2017-06-07 19:15:25
See this issue https://github.com/Azure-Samples/active-directory-dotnet-daemon/issues/1
That scope is not in the claims list. You can try the following to dump all the claims you get and see what's available.
foreach (Claim claim in ClaimsPrincipal.Current.Claims)
{
log.Info("CLAIM TYPE: " + claim.Type + "; CLAIM VALUE: " + claim.Value);
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.