From 90892e33603896601ffacb0a88f27cb42665b616 Mon Sep 17 00:00:00 2001 From: Sahil Malik Date: Wed, 6 Jan 2021 17:01:15 -0500 Subject: [PATCH 1/3] Added changes to support Azure functions --- ...tionsAuthenticationHttpContextExtension.cs | 47 +++++++++++++++++++ .../Microsoft.Identity.Web.xml | 12 +++++ 2 files changed, 59 insertions(+) create mode 100644 src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs diff --git a/src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs b/src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs new file mode 100644 index 000000000..d29c9ea42 --- /dev/null +++ b/src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs @@ -0,0 +1,47 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +using System; +using System.Threading.Tasks; +using Microsoft.AspNetCore.Authentication; +using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.Mvc; + +namespace Microsoft.Identity.Web +{ + /// + /// Extensions for . + /// + public static class AzureFunctionsAuthenticationHttpContextExtension + { + /// + /// Enables Bearer authentication for an API for use in Azure Functions. + /// + /// The current HTTP Context, such as req.HttpContext. + /// A task indicating success or failure. In case of failure . + public static async Task<(bool, IActionResult?)> AuthenticateAzureFunctionAsync( + this HttpContext httpContext) + { + if (httpContext == null) + { + throw new ArgumentNullException("Parameter httpContext cannot be null"); + } + + AuthenticateResult? result = + await httpContext.AuthenticateAsync("Bearer").ConfigureAwait(false); + if (result.Succeeded) + { + httpContext.User = result.Principal; + return (true, null); + } + else + { + return (false, new UnauthorizedObjectResult(new ProblemDetails + { + Title = "Authorization failed.", + Detail = result.Failure?.Message, + })); + } + } + } +} diff --git a/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml b/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml index 148fd676a..cb81a7177 100644 --- a/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml +++ b/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml @@ -164,6 +164,18 @@ Exception from which we look for an MsalUiRequiredException. The MsalUiRequiredException if there is one, null, otherwise. + + + Extensions for . + + + + + Enables Bearer authentication for an API for use in Azure Functions. + + The current HTTP Context, such as req.HttpContext. + A task indicating success or failure. In case of failure . + Description of a certificate. From cee375826b8f4db042d3b513597478fcdf4fa1b1 Mon Sep 17 00:00:00 2001 From: Sahil Malik Date: Thu, 7 Jan 2021 03:01:54 -0500 Subject: [PATCH 2/3] Addressed jennyf19's PR comments --- ...ureFunctionsAuthenticationHttpContextExtension.cs | 12 ++++++------ .../Microsoft.Identity.Web.xml | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs b/src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs index d29c9ea42..675012845 100644 --- a/src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs +++ b/src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs @@ -1,7 +1,7 @@ // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. -using System; +using System; using System.Threading.Tasks; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Http; @@ -18,18 +18,18 @@ public static class AzureFunctionsAuthenticationHttpContextExtension /// Enables Bearer authentication for an API for use in Azure Functions. /// /// The current HTTP Context, such as req.HttpContext. - /// A task indicating success or failure. In case of failure . + /// A task indicating success or failure. In case of failure . public static async Task<(bool, IActionResult?)> AuthenticateAzureFunctionAsync( this HttpContext httpContext) { if (httpContext == null) { - throw new ArgumentNullException("Parameter httpContext cannot be null"); + throw new ArgumentNullException(nameof(httpContext)); } AuthenticateResult? result = - await httpContext.AuthenticateAsync("Bearer").ConfigureAwait(false); - if (result.Succeeded) + await httpContext.AuthenticateAsync(Constants.Bearer).ConfigureAwait(false); + if (result != null && result.Succeeded) { httpContext.User = result.Principal; return (true, null); @@ -39,7 +39,7 @@ public static class AzureFunctionsAuthenticationHttpContextExtension return (false, new UnauthorizedObjectResult(new ProblemDetails { Title = "Authorization failed.", - Detail = result.Failure?.Message, + Detail = result?.Failure?.Message, })); } } diff --git a/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml b/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml index cb81a7177..46fc2900e 100644 --- a/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml +++ b/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml @@ -174,7 +174,7 @@ Enables Bearer authentication for an API for use in Azure Functions. The current HTTP Context, such as req.HttpContext. - A task indicating success or failure. In case of failure . + A task indicating success or failure. In case of failure . From 334c1334c0c5aedfe7e73a95fdee3fff6f429854 Mon Sep 17 00:00:00 2001 From: Sahil Malik Date: Fri, 8 Jan 2021 01:57:52 -0500 Subject: [PATCH 3/3] Updated description of the method --- .../AzureFunctionsAuthenticationHttpContextExtension.cs | 2 +- src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs b/src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs index 675012845..f1e477278 100644 --- a/src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs +++ b/src/Microsoft.Identity.Web/AzureFunctionsAuthenticationHttpContextExtension.cs @@ -15,7 +15,7 @@ namespace Microsoft.Identity.Web public static class AzureFunctionsAuthenticationHttpContextExtension { /// - /// Enables Bearer authentication for an API for use in Azure Functions. + /// Enables an Azure Function to act as/expose a protected web API, enabling bearer token authentication. Calling this method from your Azure function validates the token and exposes the identity of the user or app on behalf of which your function is called, in the HttpContext.User member, where your function can make use of it. /// /// The current HTTP Context, such as req.HttpContext. /// A task indicating success or failure. In case of failure . diff --git a/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml b/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml index 46fc2900e..5041d3b90 100644 --- a/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml +++ b/src/Microsoft.Identity.Web/Microsoft.Identity.Web.xml @@ -171,7 +171,7 @@ - Enables Bearer authentication for an API for use in Azure Functions. + Enables an Azure Function to act as/expose a protected web API, enabling bearer token authentication. Calling this method from your Azure function validates the token and exposes the identity of the user or app on behalf of which your function is called, in the HttpContext.User member, where your function can make use of it. The current HTTP Context, such as req.HttpContext. A task indicating success or failure. In case of failure .