如何使用Visual Studio在Azure功能中获取登录用户的组信息 [英] How to get logged-in user's group infomation in Azure function using Visual studio
问题描述
我们试图通过令牌绑定使用Visual Studio在Azure功能中获取登录用户的组信息,但绑定在本地环境中无效。 / p>
我们尝试实现的具体方案如下:
我们使用Azure功能在Angular 6.0和API中构建了前端应用程序使用Azure AD进行身份验证。我们有几组在天青AD和每个组有用户喜欢以下
            &NBSP ;  
组名 | 群组中的用户 |
Test1 | | | User1 |
| User2 |
| |
| User3 |
User4 |
我们也有cosmos DB中的文件,如下所示
T1:
{
               "头" ;: {
'p>                                " DocumentName" ;:" T1",
      &NBSP ;                        " ;日期时间" ;:" 2018-09-04T14:14:09",
                              &NBS磷;  " DocumentType" ;:" schoolData",
              &NBSP ;                 "组" ;:"测试1",
              &NBSP ;                 }
}
T2:
{
" Header":{
" DocumentName":" T2" ;,$
" DateTime":" 2018-09-04T14:14:09",
" DocumentType":" schoolData",
" Group":" Test1",
}
}
T3:
{
" Header":{
" DocumentName":" T3",
" DateTime":" 2018-09-04T14:14:09",b
" DocumentType":" schoolData",$
" Group":"" Test2",
}
}
T4:
{
" Header" :{
" DocumentName":" T4",
" DateTime":" 2018-09-04T14:14:09",
" DocumentType" ;:" schoolData",
" Group":" Test2",
}
}
我们能够从Angular生成OAuth JWT令牌,该令牌也具有组ID信息。当我想要返回我的COSMOS Db中的所有文档时,应用程序端到端工作正常。
现在问题是我需要根据用户的组将Azure函数返回的数据限制为Angular app,即Test1组的User1部分只能得到T1和T2文件,而Test2组的User2部分应该得到T3和T4文件。
但是我无法根据我从Angular App收到的令牌访问Azure功能中的组信息。
如果您提供一些指针/代码,我将不胜感激样本来实现这一点。
来自
document :
当与任一userFromId,userFromToken或userFromRequest选项的本地开发功能,需要令牌可以是
手动获得并且从主叫客户端应用程序中的 X-MS-TOKEN-AAD-ID-TOKEN 请求报头中指定。
Hi,
We are trying to get the logged-in user's group information in Azure functions using Visual studio by token binding but binding is not working in local environment.
The exact scenario which we are trying to achieve is as below:
We have front end application built in Angular 6.0 and API using Azure functions which are authenticated using Azure AD. We have few groups in Azure AD and every group have users like below
Group Name |
Users in group |
Test1 |
|
User1 |
|
User2 |
|
Test2 |
|
User3 |
|
User4 |
We also have documents in cosmos DB like below
T1 :
{
"Header": {
"DocumentName": "T1",
"DateTime": "2018-09-04T14:14:09",
"DocumentType": "schoolData",
"Group": "Test1",
}
}
T2:
{
"Header": {
"DocumentName": "T2",
"DateTime": "2018-09-04T14:14:09",
"DocumentType": "schoolData",
"Group": "Test1",
}
}
T3:
{
"Header": {
"DocumentName": "T3",
"DateTime": "2018-09-04T14:14:09",
"DocumentType": "schoolData",
"Group": "Test2",
}
}
T4:
{"Header": {
"DocumentName": "T4",
"DateTime": "2018-09-04T14:14:09",
"DocumentType": "schoolData",
"Group": "Test2",
}
}
We are able to generate the OAuth JWT token from Angular which also have group id information. Application is working fine end to end when I want to return all the documents which are there in my COSMOS Db.
Now the problem is I need to restrict the data which is returned from Azure functions to Angular app based on the user’s group i.e. User1 part of Test1 group should only get T1 and T2 document and User2 part of Test2 group should get T3 and T4 documents. But I am unable to access the group information in my Azure functions based on the token I am receiving from the Angular App.
I would appreciate if you provide some pointers / code sample to achieve this.
From the document :
When developing function locally with either of userFromId, userFromToken or userFromRequest options, required token can be obtained manually and specified in X-MS-TOKEN-AAD-ID-TOKEN request header from a calling client application.
这篇关于如何使用Visual Studio在Azure功能中获取登录用户的组信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!