在Azure Easy Tables上进行内部授权 [英] InHouse authorization on Azure Easy Tables

问题描述

我们正在使用来自iOS应用程序的Azure Easy表的同步功能.我们已经在系统中实现了自己的身份验证和授权.我已经为Easy API做到了.我也想在Easy Tables sync上扩展相同的逻辑.我不确定如何将这种逻辑添加到简单的表数据更改中.

We are using the sync feature of the Azure Easy tables from our iOS App. We have implemented our own Authentication and Authorization in our system. I have done it for Easy APIs. I want to extend the same logic on Easy Tables sync also. I am not sure how to add this logic to easy tables data changes.

任何指针都将受到高度赞赏.

Any pointers would be highly appreciated.

推荐答案

从技术上讲，这与Easy API一样简单.您的身份验证/授权机制必须生成一个JWT，该JWT具有返回给客户端的已知受众，发行者和签名秘密.您的客户端将收到的JWT放在client.currentUser.mobileServicesAuthenticationToken中(此属性的实际名称因大写规则而异，取决于客户端).完成此操作后，客户端将在每次请求期间提交令牌.

Technically, this is just as easy as Easy APIs. Your authentication / authorization mechanism must produce a JWT with a known audience, issuer and signing secret that you return to your client. Your client places the JWT that is received in the client.currentUser.mobileServicesAuthenticationToken (the actual name of this property varies based on client due to capitalization rules). Once this is done, the client will submit the token during each request.

在后端，您需要将服务器的auth设置设置为新的设置.在Easy Tables中，这涉及编辑主文件和调整创建zumo服务器的调用.在app.js文件中查找如下所示的代码:

In your backend, you need to set the auth setting for your server to something new. In Easy Tables, this involves editing the main file and adjusting the call that creates the zumo server. Look for code in the app.js file that looks like this:

var mobile = azureMobileApps({
    // Explicitly enable the Azure Mobile Apps home page
    homePage: true
});

使其看起来像这样:

var mobile = azureMobileApps({
    homePage: true,
    auth: {
        audience: "the-aud-field-from-your-JWT",
        issuer: "the-iss-field-from-your-JWT",
        secret: "the-secret-used-to-sign-the-JWT"
    }
};

参考: http://azure.github.io/azure-mobile-apps-node/global.html#authConfiguration

关于秘密，有一点陷阱.此值直接送入jsonwebtoken解码器，因此您可能需要根据 jsonwebtoken说明.

There is a little gotcha in terms of the secret. This value is fed into the jsonwebtoken decoder directly, so you may need to convert the secret you use into a Buffer, per the jsonwebtoken instructions.

这篇关于在Azure Easy Tables上进行内部授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！