Exemplo n.º 1
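        /// <summary>
        /// HTTP GET <c>Aasp/{AppId}/Token</c>: checks the token in the Authorization header and,
        /// when the check does not throw, returns a token generated for <paramref name="appId"/>.
        /// </summary>
        /// <param name="req">Incoming request; only its <c>Authorization</c> header is read.</param>
        /// <param name="log">Function logger.</param>
        /// <param name="appId">Value bound from the <c>{AppId}</c> route segment.</param>
        /// <returns>
        /// 401 when the header is missing or validation throws; otherwise 200 with the generated token.
        /// </returns>
        /// <remarks>
        /// The trigger is <c>AuthorizationLevel.Anonymous</c>, so the token check below is the only
        /// access control visible in this function.
        /// </remarks>
        public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "Aasp/{AppId}/Token")] HttpRequest req, ILogger log, string appId)
        {
            log.LogInformation("Aasp.Token function processed a request.");

            // The raw header value is handed to the validator unchanged.
            // NOTE(review): whether TokenHelpers strips a "Bearer " scheme prefix is not visible here - confirm.
            string authToken = req.Headers["Authorization"];

            if (string.IsNullOrEmpty(authToken))
            {
                // A bare ObjectResult carries no status code, so the original answered a missing
                // credential without an error status. Reject explicitly with 401.
                return new ObjectResult("Authorization header value is null or empty.")
                {
                    StatusCode = 401
                };
            }

            try
            {
                // NOTE(review): the return value is discarded, so only an exception rejects the
                // request. If IsTokenValid reports failure by returning false, that result must
                // be checked here - confirm against TokenHelpers.
                TokenHelpers.IsTokenValid(authToken, Constants.Issuer, Constants.AaspAudience);
            }
            catch (Exception e)
            {
                // Keep the validator's message in the log only; echoing it to an anonymous caller
                // discloses why validation failed.
                log.LogWarning(e, "Aasp.Token rejected a request: token validation failed.");

                return new ObjectResult("Authorization token is invalid.")
                {
                    StatusCode = 401
                };
            }

            // NOTE(review): appId comes straight from the route and is not compared with anything
            // the validated token authorizes; confirm that any holder of a valid token is meant
            // to obtain a token for an arbitrary appId.
            string accessToken = TokenHelpers.GenerateToken(appId, Constants.Issuer, TimeSpan.FromMinutes(5));

            return new OkObjectResult(accessToken);
        }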
Exemplo n.º 2
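        /// <summary>
        /// HTTP POST <c>Aasp/Auth</c>: reads <c>ClientId</c> and <c>ClientSecret</c> from a form
        /// post or a JSON body and returns a token generated for <c>Constants.AaspAudience</c>.
        /// </summary>
        /// <param name="req">Incoming request carrying the credentials as form fields or JSON.</param>
        /// <param name="log">Function logger.</param>
        /// <returns>
        /// 400 when either credential is missing or the body deserializes to nothing; otherwise
        /// 200 with the generated token.
        /// </returns>
        /// <remarks>
        /// SECURITY (review): this method only checks that both values are non-empty. Nothing here
        /// compares them with a registered client, and the trigger is
        /// <c>AuthorizationLevel.Anonymous</c>, so as written any caller supplying two non-empty
        /// strings receives a token. Verify the credentials against the client store (using a
        /// fixed-time comparison for the secret) before issuing one.
        /// </remarks>
        public static async Task <IActionResult> Run([HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "Aasp/Auth")] HttpRequest req, ILogger log)
        {
            log.LogInformation("Aasp.Auth function processed a request.");

            ClientCredentialFlowInfo clientCredentialFlowInfo = new ClientCredentialFlowInfo();

            if (req.HasFormContentType)
            {
                clientCredentialFlowInfo.ClientId     = req.Form["ClientId"];
                clientCredentialFlowInfo.ClientSecret = req.Form["ClientSecret"];
            }
            else
            {
                string requestBody = await new StreamReader(req.Body).ReadToEndAsync();

                // DeserializeObject returns null for an empty body or a literal "null".
                // NOTE(review): malformed JSON still throws out of this call; consider mapping
                // that to a 400 as well.
                clientCredentialFlowInfo = JsonConvert.DeserializeObject <ClientCredentialFlowInfo>(requestBody);
            }

            // Null-conditional access turns a null deserialization result into the same 400 as a
            // missing field instead of a NullReferenceException.
            if (string.IsNullOrEmpty(clientCredentialFlowInfo?.ClientId) || string.IsNullOrEmpty(clientCredentialFlowInfo?.ClientSecret))
            {
                return new BadRequestObjectResult("ClientId and ClientSecret must be provided in the body of the message.");
            }

            // TODO(security): ClientId/ClientSecret are never verified before this point.
            return new OkObjectResult(TokenHelpers.GenerateToken(Constants.AaspAudience, Constants.Issuer, TimeSpan.FromMinutes(5)));
        }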