An easy way to wrap Azure Functions in automatic OAuth2 JWT authorization!
This library will wrap any javascript/typescript Azure Function implementation and automatically provide access to the JwtToken that was included on the request. If the auth requirements weren't met, 401/403 responses are automatically sent back.
Examples:
import { requireAuthorization, AuthenticatedContext } from "@optum/azure-functions-auth"
const httpTrigger: AzureFunction = requireAuthorization(async (context: AuthenticatedContext, req: HttpRequest): Promise<void> => {
context.log("Received request from subject", context.jwtToken.sub)
}, {
jwksEndpoint: process.env.JWKS_ENDPOINT, // configurable based on your OAuth2 provider
requiredIssuer: process.env.REQUIRED_ISSUER, // configurable based on your OAuth2 provider
requiredAud: process.env.REQUIRED_AUD // the specific audiance value for your service
})
export default httpTriggerimport { requireAuthorization, AuthenticatedContext } from "@optum/azure-functions-auth"
const httpTrigger: AzureFunction = requireAuthorization(async (context: AuthenticatedContext, req: HttpRequest, token: JwtToken): Promise<void> => {
context.log("Received request from subject", context.jwtToken.sub)
}, {
jwksEndpoint: process.env.JWKS_ENDPOINT, // configurable based on your OAuth2 provider
requiredIssuer: process.env.REQUIRED_ISSUER, // configurable based on your OAuth2 provider
requiredAud: process.env.REQUIRED_AUD, // the specific audiance value for your service
requiredRole: "MY_FUNCTION_ROLE" // the role guarding access to this specific function endpoint
})
export default httpTrigger