azure-functions-core-tools
azure-functions-core-tools copied to clipboard
Azure
Enable HttpTrigger function keys when running locally
With the scaffolded httpTrigger function the authentication is function
{
"authLevel": "function",
"type": "httpTrigger",
"direction": "in",
"name": "req"
},
but browsing to the URL provided in the host window output
http://localhost:7071/api/dummy
works just fine without providing a key.
Is this intentional? Does something else need to be configured? Am I missing something?
Obviously security is less meaningful in local scenario-o but it means the behaviour to live is different which is not good.
At the moment all auth is disabled when running locally, so it is intentional. The challenge locally is that you won't have UI for managing keys for the function\host and I don't have any commands for managing that either. When I thought about it a while ago, I couldn't think of scenarios where you'd need auth when working locally. But I'm open to suggestions
Worth adding to readme?
I couldn't think of scenarios where you'd need auth when working locally. But I'm open to suggestions
I generally agree, especially as any supplied key will be ignored.
I can only think of one case: when including a test to check that an incorrect api key fails. I guess it's a mute point if this should be in unit tests or integrations tests (probably some sort of module test), but as it is such a test will fail locally but pass remotely. We'd need to reserve these for tests against the live server. As you allow local testing it seems a shame not to be able to use the same test suite for the entire CD chain.
I'm probably overthinking it. Especially as the only way to get a function ID is manually from the portal, AFAIK .
Yeah, I don't see a big need for this scenario. Changing bug title to reflect the ask.
This would make great sense when AuthLevel.User is working. Then you might need some info from claims based on the token provided. For other cases it's just to say okay Auth is working before you deploy it online
@lindydonna, @SteveALee, so now it is also possible to add Azure Functions as a Docker container the need to be able to get access to function keys (and possibly also the master and host keys) becomes a lot bigger.
In my experience when I host the Azure Function in a Docker container the authentication works. Meaning when I configure my function to require a function key and run the container locally, I get a 401 Unauthorized response. Since there is no way (at least to my knowledge, see also my Stack Overflow question) to get local access to the keys, I don't know which key to supply to get it working. Only until I publish my container to Azure I will be able to get access to keys. Meaning there is no way of testing my functionality (unless I keep on changing permissions) when running in a Docker container.
This also means these type of authorization will not work when hosting everything on premise (without the use of Azure Stack) or on other cloud providers (which I can imagine is not something Microsoft is really worried about).
In short, I would love to have this feature available and think there are more scenarios then only local testing.
For the same of on-premise hosting I would like to have at least adding such keys via JSON file and deploy the same in my container. Is that possible at least
Is there any progress on how to consume HttpTriggers with authentication codes from within containers? Documentation relating to hosting Azure Functions in Containers (via Kubernetes) are available, though these neglects to mention how to consume HttpTriggers with authentication codes: https://github.com/Azure/azure-functions-core-tools#getting-started-on-kubernetes
Is there any progress on how to consume HttpTriggers with authentication codes from within containers? Documentation relating to hosting Azure Functions in Containers (via Kubernetes) are available, though these neglects to mention how to consume HttpTriggers with authentication codes: https://github.com/Azure/azure-functions-core-tools#getting-started-on-kubernetes
Has this progressed any futher? I am not sure how to access or set the keys for a function I am deploying to a Azure Kubernetes Service Cluster
Hey,
Please see this thread it will help you. I have tested it locally and it works. I'm yet to test the same on container https://github.com/Azure/azure-functions-host/issues/4147#issuecomment-477442831
@lindydonna, @SteveALee, so now it is also possible to add Azure Functions as a Docker container the need to be able to get access to function keys (and possibly also the master and host keys) becomes a lot bigger.
In my experience when I host the Azure Function in a Docker container the authentication works. Meaning when I configure my function to require a function key and run the container locally, I get a 401 Unauthorized response. Since there is no way (at least to my knowledge, see also my Stack Overflow question) to get local access to the keys, I don't know which key to supply to get it working. Only until I publish my container to Azure I will be able to get access to keys. Meaning there is no way of testing my functionality (unless I keep on changing permissions) when running in a Docker container.
This also means these type of authorization will not work when hosting everything on premise (without the use of Azure Stack) or on other cloud providers (which I can imagine is not something Microsoft is really worried about).
In short, I would love to have this feature available and think there are more scenarios then only local testing.
Still not available.. Such a shame.
