I'm using Azure AD and have registered an application in it. I've used msal-browser JS library to sign-in the user and obtain an Authorization token:
{
//...
"accessToken": "eyJ0eXAiOiJKV1QiLCJub25jZSI6IkY...",
"account": {
"homeAccountId": "00000000-0000-0000-bac6-4831a1177397.9188040d-6c67-4c5b-b112-36a304b66dad",
"environment": "login.windows.net",
"tenantId": "62765715-2081-4050-bdc7-8c2e178d7424",
"username": "tfgh55555@outlook.com",
"localAccountId": "6fad727e-1df2-4b14-b234-30b407b7ab42",
"name": "Tali Gehrin",
"idTokenClaims": {
"aud": "0d42647a-183c-404b-bbe1-796ad6420989",
"iss": "https://login.microsoftonline.com/62765715-2081-4050-bdc7-8c2e178d7424/v2.0",
"iat": 1633271767,
"nbf": 1633271767,
"exp": 1633275667,
"idp": "https://sts.windows.net/9188040d-6c67-4c5b-b112-36a304b66dad/",
"name": "Tali Gehrin",
"nonce": "b04400da-eb58-4617-bbaa-5c66e04d762a",
"oid": "6fad727e-1df2-4b14-b234-30b407b7ab42",
"preferred_username": "tfgh55555@outlook.com",
"rh": "0.AREAFVd2YoEgUEC9x4wuF410JHpkQg08GEtAu-F5atZCCYkRABI.",
"roles": [
"content_manager" //<= the role i'm interested in
],
"sub": "WbvYLdLb3DNVgczM_iyu4n4i-s8mPtfhQqVyAK_abaU",
"tid": "62765715-2081-4050-bdc7-8c2e178d7424",
"uti": "HDhn_MWkl0iGcm-jlBEMAA",
"ver": "2.0"
}
},
//...
}
I'm passing accessToken
in an HTTP call as header
Authorization: Bearer yJ0eXAiOiJKV1QiLCJub25jZSI6IkY...
How do I validate and decipher this token inside an Azure function running Node?
You can validate and decipher this token inside an Azure function running Node by Azure function that implements the HTTP trigger. This requires configuration data to perform a token validation and these are inside the AzureAdTokenAttribute instance. However, the token will be inside the HttpRequest. To have access to what was implemented in the token validation service, you will insert IHttpContextAccessor.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.