在 azure 函数中配置令牌
Configuring token in azure functions
问题是在 startup.cs 文件中添加 AddAccessTokenManagement() 后出现 Functions runtime is unreachable 错误。天蓝色的功能列表也是空的。最好的部分是,从应用程序洞察中,我看到我的 cron 作业无论如何都在执行,并且令牌正在运行。当 运行 我在本地环境中的代码没有报告问题时,部署似乎也很好。这就是我配置我的 http 客户端以使用身份令牌的方式:
private void ConfigureAccessToken(IFunctionsHostBuilder builder)
{
var IdentityServerUrl = "<serverUrl>"; ;
builder.Services.AddHttpClient();
builder.Services.AddAccessTokenManagement(options =>
{
options.Client.Clients.Add("cloud-service", new ClientCredentialsTokenRequest
{
Address = $"{IdentityServerUrl}/connect/token",
ClientId = _authorizationConfig.ClientId,
ClientSecret = _authorizationConfig.ClientSecret,
});
});
builder.Services.AddClientAccessTokenClient("internal-client", configureClient: client => { });
}
值得一提的是,这种配置方式适用于我的 Web API 应用程序。
大家有什么想法吗?
我自己找到了答案。看起来 azure 函数的令牌配置与 Web API 不同。工作代码如下:
private void ConfigureAccessToken(IFunctionsHostBuilder builder)
{
var IdentityServerUrl = "<serverUri>";
builder.Services.Configure<AccessTokenManagementOptions>(o =>
{
o.Client.Clients.Add("cloud-service", new ClientCredentialsTokenRequest
{
Address = $"{IdentityServerUrl}/connect/token",
ClientId = _authorizationConfig.ClientId,
ClientSecret = _authorizationConfig.ClientSecret,
});
});
builder.Services.AddDistributedMemoryCache();
builder.Services.AddTransient<ITokenClientConfigurationService, DefaultTokenClientConfigurationService>(s =>
{
return new DefaultTokenClientConfigurationService(
s.GetRequiredService<IOptions<AccessTokenManagementOptions>>(),
null,
null);
});
builder.Services.AddHttpClient(AccessTokenManagementDefaults.BackChannelHttpClientName);
builder.Services.TryAddTransient<ITokenEndpointService, TokenEndpointService>();
builder.Services.TryAddTransient<IClientAccessTokenCache, ClientAccessTokenCache>();
builder.Services.AddTransient<IAccessTokenManagementService, AccessTokenManagementService>(s =>
{
return new AccessTokenManagementService(
null,
null,
s.GetRequiredService<IOptions<AccessTokenManagementOptions>>(),
s.GetRequiredService<ITokenEndpointService>(),
s.GetRequiredService<IClientAccessTokenCache>(),
s.GetRequiredService<ILogger<AccessTokenManagementService>>()
);
});
builder.Services.AddTransient<ClientAccessTokenHandler>();
builder.Services.AddClientAccessTokenClient("internal-client", configureClient: config => {});
}
问题是在 startup.cs 文件中添加 AddAccessTokenManagement() 后出现 Functions runtime is unreachable 错误。天蓝色的功能列表也是空的。最好的部分是,从应用程序洞察中,我看到我的 cron 作业无论如何都在执行,并且令牌正在运行。当 运行 我在本地环境中的代码没有报告问题时,部署似乎也很好。这就是我配置我的 http 客户端以使用身份令牌的方式:
private void ConfigureAccessToken(IFunctionsHostBuilder builder)
{
var IdentityServerUrl = "<serverUrl>"; ;
builder.Services.AddHttpClient();
builder.Services.AddAccessTokenManagement(options =>
{
options.Client.Clients.Add("cloud-service", new ClientCredentialsTokenRequest
{
Address = $"{IdentityServerUrl}/connect/token",
ClientId = _authorizationConfig.ClientId,
ClientSecret = _authorizationConfig.ClientSecret,
});
});
builder.Services.AddClientAccessTokenClient("internal-client", configureClient: client => { });
}
值得一提的是,这种配置方式适用于我的 Web API 应用程序。
大家有什么想法吗?
我自己找到了答案。看起来 azure 函数的令牌配置与 Web API 不同。工作代码如下:
private void ConfigureAccessToken(IFunctionsHostBuilder builder)
{
var IdentityServerUrl = "<serverUri>";
builder.Services.Configure<AccessTokenManagementOptions>(o =>
{
o.Client.Clients.Add("cloud-service", new ClientCredentialsTokenRequest
{
Address = $"{IdentityServerUrl}/connect/token",
ClientId = _authorizationConfig.ClientId,
ClientSecret = _authorizationConfig.ClientSecret,
});
});
builder.Services.AddDistributedMemoryCache();
builder.Services.AddTransient<ITokenClientConfigurationService, DefaultTokenClientConfigurationService>(s =>
{
return new DefaultTokenClientConfigurationService(
s.GetRequiredService<IOptions<AccessTokenManagementOptions>>(),
null,
null);
});
builder.Services.AddHttpClient(AccessTokenManagementDefaults.BackChannelHttpClientName);
builder.Services.TryAddTransient<ITokenEndpointService, TokenEndpointService>();
builder.Services.TryAddTransient<IClientAccessTokenCache, ClientAccessTokenCache>();
builder.Services.AddTransient<IAccessTokenManagementService, AccessTokenManagementService>(s =>
{
return new AccessTokenManagementService(
null,
null,
s.GetRequiredService<IOptions<AccessTokenManagementOptions>>(),
s.GetRequiredService<ITokenEndpointService>(),
s.GetRequiredService<IClientAccessTokenCache>(),
s.GetRequiredService<ILogger<AccessTokenManagementService>>()
);
});
builder.Services.AddTransient<ClientAccessTokenHandler>();
builder.Services.AddClientAccessTokenClient("internal-client", configureClient: config => {});
}