AzureFunctions.Authentication 4.1.0

.NET 6.0 .NET Core 3.1 
dotnet add package AzureFunctions.Authentication --version 4.1.0
NuGet\Install-Package AzureFunctions.Authentication -Version 4.1.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="AzureFunctions.Authentication" Version="4.1.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
paket add AzureFunctions.Authentication --version 4.1.0
#r "nuget: AzureFunctions.Authentication, 4.1.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
// Install AzureFunctions.Authentication as a Cake Addin
#addin nuget:?package=AzureFunctions.Authentication&version=4.1.0

// Install AzureFunctions.Authentication as a Cake Tool
#tool nuget:?package=AzureFunctions.Authentication&version=4.1.0

AzureFunctions.Authentication

Provides Azure Functions friendly ASP.NET Core Authentication/Authorization

https://www.nuget.org/packages/AzureFunctions.Authentication

Problem

Azure Function have ability to use Startup.cs class with Dependecy Injection same as ASP.NET Core applications, it is not working as expected out of the box though. The reason for that is default/internal (admin) features of Azure Functions Web Host that are protected with the exact same ASP.NET Core Authentication/Authorization registrations which will be overriden once you register yours and you'll start seeing such problem in Azure Portal image. Moreover, predefined Azure Functions AuthorizationLevel policies wont work neither.

Root cause of a problem

Please read this issue to get more context: https://github.com/Azure/azure-functions-host/issues/6805.

Workaround

Register ASP.NET Core Authentication/Authorization in such a way that it is not replacing nor dropping existing configurations/schemas/handlers but extend it instead. This is achieved with "Dynamic schema registration", see example here: https://github.com/aspnet/AuthSamples/tree/master/samples/DynamicSchemes.

Solution

  1. Expose custom Authentication/Authorization builder extensions that dont override existing one but registers all needed services
  2. Provide custom extension that derives from IExtensionConfigProvider
  3. Re-configure already configured Authentication/Authorization by Azure Functions
  4. Dynamically inject new authentication schema and handler since Bearer schema is used by Azure Functions with their handler
  5. Override IAuthorizationHandlerProvider to merge Azure Functions handlers with application handlers

Example

  1. Add/replace existing AddAuthentication/AddAuthorization extension methods to AddFunctionAuthentication/AddFunctionAuthorization
  2. Register IAuthorizationHandler handlers
  3. Inject all needed services IAuthenticationSchemeProvider/IAuthorizationPolicyProvider/IPolicyEvaluator to authenticate & authorize request inside function. Alternative, encourage you to try nice package out there to simplify this process https://www.nuget.org/packages/DarkLoop.Azure.Functions.Authorize
  4. Enjoy 😄

Important

! Do not try to use the "Bearer" scheme name since it is already used by AzureFunction host internally, provide any other name like: "CustomBearer", "B2B", etc.

Code snippet

private static void ConfigureAuthorization(IFunctionsHostBuilder builder)
    {
        var configuration = builder.GetContext().Configuration;

        builder.Services.AddFunctionAuthentication(
            configuration,
            defaultAuthenticationScheme: "CustomBearer");

        builder.Services.AddFunctionAuthorization(
            configuration,
            configureDefaultPolicy: policy => policy.RequireRole("Admin"),
            configureOptions: options =>
            {
                options.AddPolicy(
                    "Organizatiuon",
                    builder => builder
                        .Combine(options.DefaultPolicy)
                        .AddRequirements(new OrganizationRequirement()));
            });

        builder.Services.AddScoped<IAuthorizationHandler, OrganizationAuthorizationHandler>();
    }
Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 is compatible.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp3.1 is compatible. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
4.1.0 7,222 5/25/2023
4.0.7.3 132 5/25/2023
4.0.7.2 119 5/25/2023
4.0.7.1 132 5/25/2023
4.0.7 6,417 2/23/2023
4.0.6 972 1/24/2023
4.0.5 3,714 5/21/2022
4.0.3 460 4/27/2022
4.0.2 415 4/23/2022
4.0.1 420 4/22/2022
4.0.0 535 4/22/2022
1.0.6 5,159 9/2/2021
1.0.5 319 9/2/2021
1.0.4 302 8/31/2021
1.0.3 323 8/23/2021
1.0.2 293 8/23/2021
1.0.1 299 8/23/2021
1.0.0 327 8/23/2021

- Added Source Link