public static IActionResult DfmGetEasyAuthConfigFunction(
            [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "a/p/i/easyauth-config")] HttpRequest req
            )
        {
            string siteName = Environment.GetEnvironmentVariable(EnvVariableNames.WEBSITE_SITE_NAME);
            string clientId = Environment.GetEnvironmentVariable(EnvVariableNames.WEBSITE_AUTH_CLIENT_ID);

            // When deployed to Azure, this tool should always be protected by EasyAuth
            if (!string.IsNullOrEmpty(siteName) && string.IsNullOrEmpty(clientId) && !DfmEndpoint.Settings.DisableAuthentication)
            {
                return(new ObjectResult($"You need to configure EasyAuth for your '{siteName}' instance. This tool should never be exposed to the world without authentication.")
                {
                    StatusCode = 401
                });
            }

            // Trying to get tenantId from WEBSITE_AUTH_OPENID_ISSUER environment variable
            string tenantId     = "common";
            string openIdIssuer = Environment.GetEnvironmentVariable(EnvVariableNames.WEBSITE_AUTH_OPENID_ISSUER);

            if (!string.IsNullOrEmpty(openIdIssuer))
            {
                var match = GuidRegex.Match(openIdIssuer);
                if (match.Success)
                {
                    tenantId = match.Groups[1].Value;
                }
            }

            return(new { clientId, authority = "https://login.microsoftonline.com/" + tenantId }.ToJsonContentResult());
        }
        public static Task <IActionResult> DfmGetEasyAuthConfigFunction(
            [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "a/p/i/easyauth-config")] HttpRequest req,
            ILogger log
            )
        {
            return(req.HandleErrors(log, async() => {
                // Checking nonce, if it was set as an env variable.
                // Don't care about return value of this method here.
                Auth.IsNonceSetAndValid(req.Headers);

                string siteName = Environment.GetEnvironmentVariable(EnvVariableNames.WEBSITE_SITE_NAME);
                string clientId = Environment.GetEnvironmentVariable(EnvVariableNames.WEBSITE_AUTH_CLIENT_ID);

                // When deployed to Azure, this tool should always be protected by EasyAuth
                if (!string.IsNullOrEmpty(siteName) && string.IsNullOrEmpty(clientId) && !DfmEndpoint.Settings.DisableAuthentication)
                {
                    log.LogError($"You need to configure EasyAuth for your '{siteName}' instance. This tool should never be exposed to the world without authentication.");
                    return new UnauthorizedResult();
                }

                string unauthenticatedAction = Environment.GetEnvironmentVariable(EnvVariableNames.WEBSITE_AUTH_UNAUTHENTICATED_ACTION);
                if (unauthenticatedAction == Auth.UnauthenticatedActionRedirectToLoginPage)
                {
                    // Assuming it is the server-directed login flow to be used
                    // and returning just the user name (to speed up login process)
                    var userNameClaim = req.HttpContext.User?.FindFirst(DfmEndpoint.Settings.UserNameClaimName);
                    return new { userName = userNameClaim?.Value }.ToJsonContentResult();
                }

                // Trying to get tenantId from WEBSITE_AUTH_OPENID_ISSUER environment variable
                string tenantId = "common";
                string openIdIssuer = Environment.GetEnvironmentVariable(EnvVariableNames.WEBSITE_AUTH_OPENID_ISSUER);
                if (!string.IsNullOrEmpty(openIdIssuer))
                {
                    var match = GuidRegex.Match(openIdIssuer);
                    if (match.Success)
                    {
                        tenantId = match.Groups[1].Value;
                    }
                }

                return new { clientId, authority = "https://login.microsoftonline.com/" + tenantId }.ToJsonContentResult();
            }));
        }
        public static IActionResult Run(
            // Using /a/p/i route prefix, to let Functions Host distinguish api methods from statics
            [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "a/p/i/easyauth-config")] HttpRequest req
            )
        {
            // Checking if hub name is specified
            string hubName = Environment.GetEnvironmentVariable(EnvVariableNames.DFM_HUB_NAME);

            if (string.IsNullOrEmpty(hubName))
            {
                return(new ObjectResult($"You need to explicitly specify the hub name via '{EnvVariableNames.DFM_HUB_NAME}' application setting.")
                {
                    StatusCode = 500
                });
            }

            string siteName = Environment.GetEnvironmentVariable(EnvVariableNames.WEBSITE_SITE_NAME);
            string clientId = Environment.GetEnvironmentVariable(EnvVariableNames.WEBSITE_AUTH_CLIENT_ID);

            // When deployed to Azure, this tool should always be protected by EasyAuth
            if (!string.IsNullOrEmpty(siteName) && string.IsNullOrEmpty(clientId))
            {
                return(new ObjectResult($"You need to configure EasyAuth for your '{siteName}' instance. This tool should never be exposed to the world without authentication.")
                {
                    StatusCode = 401
                });
            }

            // Trying to get tenantId from WEBSITE_AUTH_OPENID_ISSUER environment variable
            string tenantId     = "common";
            string openIdIssuer = Environment.GetEnvironmentVariable(EnvVariableNames.WEBSITE_AUTH_OPENID_ISSUER);

            if (!string.IsNullOrEmpty(openIdIssuer))
            {
                var match = GuidRegex.Match(openIdIssuer);
                if (match.Success)
                {
                    tenantId = match.Groups[1].Value;
                }
            }

            return(new { clientId, authority = "https://login.microsoftonline.com/" + tenantId }.ToJsonContentResult());
        }
Пример #4
0
 public static bool IsGuid(string value)
 {
     return(GuidRegex.IsMatch(value));
 }
Пример #5
0
 public static string RemoveGuids(this string source)
 {
     return(GuidRegex.Replace(source, string.Empty));
 }