Search code examples
azureazure-functionsrestful-authenticationazure-ad-b2cazure-api-management

Developing Azure functions locally

I am leading a large team of azure functions developers. So, most of the examples quoted by Microsoft using the azure web interface don't work for me. I am developing Azure functions locally using emulators to save some costs. I publish all my functions through visual studio into my integration environment.

I am developing a bunch of azure functions that need the api gateway to handle the authentication workflows using Azure AD B2C. Now, there's no api gateway emulator or an Azure AD B2C emulator that I can run locally. My authentication workflows involve intercepting requests to the api, redirecting them to AD B2C for authentication and the subsequent addition of the auth-token to the http header and then invoking the http-triggered azure functions.

Now, the question becomes, how do I test authentication workflows? How can I setup the api gateway to register my functions running locally in visual studio as api endpoint for my api gateway in the cloud?

Solution

  • What I did:

    1. Added an "authorize" API that handles general-purpose authorization against foreign authorities. This API returns my own JWT with my own custom claims that lasts for a some limited amount of time.
    2. Changed all of my other API's to use my custom JWT.

    Advantages:

    • Super easy to test locally. I just add #if DEBUG sections to the authorization API to skip normal authorization and give me a JWT of my design.
    • I can put whatever I want in the claim, so I use it as a cache to reduce external authorization calls.