使用 ARM 模板在 Azure Function App 中轻松进行身份验证和授权 [英] Easy Authentication and Authorization in Azure Function App using ARM template
本文介绍了使用 ARM 模板在 Azure Function App 中轻松进行身份验证和授权的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
如果我手动配置,Azure App Service 的简单身份验证和授权"功能在我的 Azure Function 应用程序中有效.当我使用 ARM 模板时它不起作用.
"Easy Authentication and Authorization" feature of Azure App Service works in my Azure Function app if I configure it manually. It does not work when I use an ARM Template.
I used this web site to figure out the config values: https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.management.websites.models.siteauthsettings?view=azuremgmtwebsites-1.6.0-preview
这是它的样子,想法?
编辑:在 https://resources.azure.com 我看到根本没有应用siteAuthEnabled"和siteAuthSettings".是否应该在其他地方指定它们?
EDIT : after checking the resulting config at https://resources.azure.com I see that "siteAuthEnabled" and "siteAuthSettings" are not applied at all. Should they be specified somewhere else?
{
"apiVersion": "2016-08-01",
"type": "Microsoft.Web/sites",
"name": "[parameters('webApiFunctionAppName')]",
"location": "[resourceGroup().location]",
"kind": "functionapp",
"dependsOn": [
"[resourceId('Microsoft.Web/serverfarms', variables('webApiFunctionAppHostingPlanName'))]",
"[resourceId('Microsoft.Storage/storageAccounts', variables('azFunctionsAppStorageAccountName'))]"
],
"resources": [{
"apiVersion": "2016-08-01",
"name": "[concat(parameters('webApiFunctionAppName'), '/authsettings')]",
"type": "Microsoft.Web/sites/config",
"dependsOn": [
"[concat('Microsoft.Web/sites/', parameters('webApiFunctionAppName'))]"
],
"properties": {
"netFrameworkVersion": "v4.0",
"managedPipelineMode": "Integrated",
"siteAuthEnabled": true,
"siteAuthSettings": {
"enabled": true,
"unauthenticatedClientAction": "RedirectToLoginPage",
"tokenStoreEnabled": true,
"allowedExternalRedirectUrls": null,
"defaultProvider": "AzureActiveDirectory",
"clientId": "[parameters('aadClientId')]",
"clientSecret": null,
"issuer": "[concat('https://sts.windows.net/', parameters('aadTenant'), '/')]",
"allowedAudiences": null,
"isAadAutoProvisioned": false
}
}
}],
"properties": {
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('webApiFunctionAppHostingPlanName'))]",
"hostNameSslStates": [{
"name": "[concat(parameters('webApiFunctionAppName'),'.azurewebsites.net')]",
"sslState": "Disabled",
"virtualIP": null,
"thumbprint": null,
"toUpdate": null,
"hostType": "Standard"
},
{
"name": "[concat(parameters('webApiFunctionAppName'),'.scm.azurewebsites.net')]",
"sslState": "Disabled",
"virtualIP": null,
"thumbprint": null,
"toUpdate": null,
"hostType": "Repository"
}
],
"siteConfig": {
"appSettings": [{
"name": "AzureWebJobsDashboard",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('azFunctionsAppStorageAccountName'), ';AccountKey=', listKeys(variables('azFunctionAppStorageAccountid'),'2015-05-01-preview').key1)]"
},
{
"name": "AzureWebJobsStorage",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('azFunctionsAppStorageAccountName'), ';AccountKey=', listKeys(variables('azFunctionAppStorageAccountid'),'2015-05-01-preview').key1)]"
},
{
"name": "FUNCTIONS_EXTENSION_VERSION",
"value": "~1"
},
{
"name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('azFunctionsAppStorageAccountName'), ';AccountKey=', listKeys(variables('azFunctionAppStorageAccountid'),'2015-05-01-preview').key1)]"
},
{
"name": "WEBSITE_CONTENTSHARE",
"value": "[toLower(parameters('webApiFunctionAppName'))]"
}
]
}
}
}
推荐答案
好的,明白了.此模板有效.
Ok GOT it. This template works.
{
"apiVersion": "2016-08-01",
"type": "Microsoft.Web/sites",
"name": "[parameters('webApiFunctionAppName')]",
"location": "[resourceGroup().location]",
"kind": "functionapp",
"dependsOn": [
"[resourceId('Microsoft.Web/serverfarms', variables('webApiFunctionAppHostingPlanName'))]",
"[resourceId('Microsoft.Storage/storageAccounts', variables('azFunctionsAppStorageAccountName'))]"
],
"resources": [{
"name": "[concat(parameters('webApiFunctionAppName'), '/authsettings')]",
"apiVersion": "2016-08-01",
"type": "Microsoft.Web/sites/config",
"location": "[resourceGroup().location]",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', parameters('webApiFunctionAppName'))]"
],
"properties": {
"enabled": true,
"unauthenticatedClientAction": "RedirectToLoginPage",
"tokenStoreEnabled": true,
"defaultProvider": "AzureActiveDirectory",
"clientId": "[parameters('aadClientId')]",
"issuer": "[concat('https://sts.windows.net/', parameters('aadTenant'), '/')]"
}
}],
"properties": {
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('webApiFunctionAppHostingPlanName'))]",
"hostNameSslStates": [{
"name": "[concat(parameters('webApiFunctionAppName'),'.azurewebsites.net')]",
"sslState": "Disabled",
"virtualIP": null,
"thumbprint": null,
"toUpdate": null,
"hostType": "Standard"
},
{
"name": "[concat(parameters('webApiFunctionAppName'),'.scm.azurewebsites.net')]",
"sslState": "Disabled",
"virtualIP": null,
"thumbprint": null,
"toUpdate": null,
"hostType": "Repository"
}
],
"siteConfig": {
"appSettings": [{
"name": "AzureWebJobsDashboard",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('azFunctionsAppStorageAccountName'), ';AccountKey=', listKeys(variables('azFunctionAppStorageAccountid'),'2015-05-01-preview').key1)]"
},
{
"name": "AzureWebJobsStorage",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('azFunctionsAppStorageAccountName'), ';AccountKey=', listKeys(variables('azFunctionAppStorageAccountid'),'2015-05-01-preview').key1)]"
},
{
"name": "FUNCTIONS_EXTENSION_VERSION",
"value": "~1"
},
{
"name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('azFunctionsAppStorageAccountName'), ';AccountKey=', listKeys(variables('azFunctionAppStorageAccountid'),'2015-05-01-preview').key1)]"
},
{
"name": "WEBSITE_CONTENTSHARE",
"value": "[toLower(parameters('webApiFunctionAppName'))]"
}
]
}
}
}
这篇关于使用 ARM 模板在 Azure Function App 中轻松进行身份验证和授权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
