Token Binding makes it easy to get OAuth Access Token provided by Azure Active Directory

To access Office365 Service such as Exchange, it’s useful to use Graph API.Graph API requires OAuth Access Token provided by Azure Active Directory.But id’s so difficult to treat OAuth.At first, we need to get authorization code by accessing authorization code to Authorization Endpoint and to generate Access Token by passing  authorization code to Token Endpoint.In Addition, when access token got expired, regenerating Access Token by Refresh Token is required.

Token Binding saves the efforts to do many steps above-mentioned.Token Binding is a kind of HTTP Trigger Binding, Queue Trigger Binding and so on.

Let’s get started.I’ll try this by publishing C# code to Azure Portal from Visual Studio.

In this case, I assume that the registration of App to Azure Active Directory has been already completed.

At first, access Azure Functions Settings, click “Platform features” and  click “Authentication / Authorization”.

Screen Shot 2019-02-07 at 23.03.02

 

Switch on “App Service Authentication” and click “Azure Active Directory” located below “Authentication Provider”.

Screen Shot 2019-02-07 at 23.07.00

 

In this case, Azure Active Directory which manages Azure differs from one which manages Office365.Click “Advanced”, type Client ID of Application registered to Azure Active Directory to “Client ID”,  type Client Secret of Application registered to Azure Active Directory to “Client Secret”, type ”https://sts.windows.net/[TenantID]’ to “Issuer Uri”, and the click “OK”.

Screen Shot 2019-02-07 at 23.08.53

 

To use Token Binding, installing some libraries is required.Install “Microsoft.Azure.Webjobs.Extensions.AuthTokens” by NuGet Package Manager in Visual Studio.

See the following code which use Token Binding.

The following statement enables Token Binding.OAuth Access Token is set to the variable “graphToken“.

[Token(IdentityProvider = AAD, Resource = https://graph.microsoft.com/, Identity = TokenIdentityMode.ClientCredentials)]string graphToken

Publish this code to Azure Portal and execute one.You can see Access Token displayed after “Access Token:“.

 

ご覧いただきありがとうございます! この投稿はお役に立ちましたか?

役に立った 役に立たなかった

0人がこの投稿は役に立ったと言っています。

コメント投稿

メールアドレスは表示されません。


*