问题描述
这是我的ARM模板的示例,该模板处理Function App:
{
"apiVersion": "2015-08-01","type": "Microsoft.Web/sites","name": "MyAzureFunctionName","location": "[resourceGroup().location]","kind": "functionapp","dependsOn": [
"[resourceId('Microsoft.Web/serverfarms',variables('nameWithDashes'))]","[resourceId('Microsoft.Storage/storageAccounts',variables('storageName'))]"
],"properties": {
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms','MyAzureFunctionName')]","httpsOnly": true,"siteConfig": {
"appSettings": [
{
...
}]
}
}
}
我正在尝试将Azure功能配置为使用Azure B2C进行授权。我正在关注existing instructions,但无法获得预期的结果。例如,在下面的示例中,我只是尝试激活App Service身份验证:
{
"apiVersion": "2020-06-01","name": "[concat('MyAzureFunctionName','/authsettingsV2')]","type": "Microsoft.Web/sites/config","dependsOn": [
"[resourceId('Microsoft.Web/sites/','MyAzureFunctionName')]"
],"properties": {
"enabled": "true"
}
}
此配置中未指定其他任何内容,因为其他所有内容均为可选。我只是想看看我是否在选择正确的东西。运行ARM模板后,这是“授权/身份验证”页面:
配置似乎已损坏。
问题
如何将我的Function App配置为在Azure资源管理器模板中使用Azure B2C?
解决方法
基于我的其他answer。
此示例适用于我的应用程序(包括Azure功能):
{
"apiVersion": "2015-08-01","name": "web","type": "config","dependsOn": [
"[resourceId('Microsoft.Web/Sites',parameters('webAppName'))]"
],"properties": {
"siteAuthEnabled": "[parameters('enableAadAuthentication')]","siteAuthSettings": {
"clientId": "[parameters('aadClientId')]","issuer": "[parameters('aadIssuerUrl')]","isAadAutoProvisioned": false
}
}
}
对于B2C的值,您可以添加来自此answer的信息:
-
aadClientId:您的applicationId -
enableAadAuthentication:是 -
aadIssuerUrl:元数据端点URL。如果查看Azure门户中的登录策略,则可以找到它。例如:https://yourtenant.b2clogin.com/yourtenant.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1A_signup_signin