A custom access token validation provider for Azure Functions via Dependency Injection. Inspired by https://github.com/BenMorris/FunctionsCustomSercuity with extra implementation for Firebase Auth.
Add in your Function's Startup.cs
using Microsoft.Azure.Functions.Extensions.DependencyInjection;
using Microsoft.Azure.Functions.Extensions.JwtCustomHandler;
using Microsoft.Azure.Functions.Extensions.JwtCustomHandler.Interface;
using Microsoft.Extensions.DependencyInjection;
using System;
[assembly: FunctionsStartup(typeof(ExampleFunction.Startup))]
namespace ExampleFunction
{
public class Startup : FunctionsStartup
{
public override void Configure(IFunctionsHostBuilder builder)
{
/// Custom Token Validator
builder.Services.AddSingleton<IClaimsTokenProvider, CustomTokenProvider>(provider => new CustomTokenProvider(
issuer: Environment.GetEnvironmentVariable("issuer"),
audience: Environment.GetEnvironmentVariable("audience"),
issuerSigningKey: Environment.GetEnvironmentVariable("issuerSigningKey")));
}
}
}Inside your Function Class
public class ExamplesFunction
{
private readonly IClaimsTokenProvider IClaimsTokenProvider;
public ExamplesFunction(IClaimsTokenProvider provider) => IClaimsTokenProvider = provider;
[FunctionName("Example_Function")]
public IActionResult HelloWorldFunction([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = null)] HttpRequest req)
{
try
{
if (req.Headers is null)
throw new NullReferenceException();
else if (req.Body is null)
throw new NullReferenceException();
AccessTokenResult _tokenResult = IClaimsTokenProvider.ValidateToken(req);
if (_tokenResult.Status != AccessTokenStatus.Valid)
return new UnauthorizedResult();
return new OkObjectResult($"Hello there, ${req.Query["name"]}");
}
catch (Exception)
{ return new BadRequestObjectResult("Web server encountered an error."); }
}
}or you can use the
Add in your Function's Startup.cs
using Microsoft.Azure.Functions.Extensions.DependencyInjection;
using Microsoft.Azure.Functions.Extensions.JwtCustomHandler;
using Microsoft.Azure.Functions.Extensions.JwtCustomHandler.Interface;
using Microsoft.Extensions.DependencyInjection;
using System;
[assembly: FunctionsStartup(typeof(ExampleFunction.Startup))]
namespace ExampleFunction
{
public class Startup : FunctionsStartup
{
public override void Configure(IFunctionsHostBuilder builder)
{
/// Firebase Id Token Validator
builder.Services.AddSingleton<IFirebaseTokenProvider, CustomTokenProvider>(provider => new CustomTokenProvider(
issuer: "https://securetoken.google.com/<your-firebase-app-name>",
audience: "<your-firebase-app-name>"));
}
}
}Inside your Function Class
public class ExamplesFunction
{
private readonly IFirebaseTokenProvider IFirebaseTokenProvider;
public ExamplesFunction(IFirebaseTokenProvider provider) => IFirebaseTokenProvider = provider;
[FunctionName("Example_Function")]
public async Task<IActionResult> HelloWorldFunction(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = null)] HttpRequest req)
{
try
{
if (req.Headers is null)
throw new NullReferenceException();
else if (req.Body is null)
throw new NullReferenceException();
AccessTokenResult _tokenResult = await IFirebaseTokenProvider.ValidateToken(req);
if (_tokenResult.Status != AccessTokenStatus.Valid)
return new UnauthorizedResult();
return new OkObjectResult($"Hello there, ${req.Query["name"]}");
}
catch (Exception)
{ return new BadRequestObjectResult("Web server encountered an error."); }
}
}Install the following to get started
IDE
Exntesions
Frameworks
Do you want to contribute? Send me an email or DM me in twitter.