问题
I am developing a server less application using azure functions using Node js. Function app auth via azure active directory. My scenario is I want to get particular user data ex(email,username etc) by using his email or username during execution of one of http trigger function. There are several options that I already checked (ad and activedirectory libraries. These library seems not updated and I want to know is there any way to do this by using azure's Node Js SDK?
I am seeking a solution for without JWT. because, when 'function' need to get some user information function doesn't have any token.here user data requested by the function app not the user.Hence user data only use by the function app those info not exposed to user.
for Example: We can get user data by 'querying' user table when we need to get user data inside of some application running MySQL. If we specify email we can query.
I am asking same thing by using azure active directory.
回答1:
You can get the access token using client credential flow(not related to specific user) in your function.
const APP_ID = '[COPIED_APP_ID]';
const APP_SECERET = '[COPIED_APP_SECRET]';
const TOKEN_ENDPOINT ='https://login.microsoftonline.com/[COPIED_TENANT_ID]/oauth2/v2.0/token';
const MS_GRAPH_SCOPE = 'https://graph.microsoft.com/.default';
const axios = require('axios');
const qs = require('qs');
const postData = {
client_id: APP_ID,
scope: MS_GRAPH_SCOPE,
client_secret: APP_SECERET,
grant_type: 'client_credentials'
};
axios.defaults.headers.post['Content-Type'] =
'application/x-www-form-urlencoded';
let token = '';
axios
.post(TOKEN_ENDPOINT, qs.stringify(postData))
.then(response => {
console.log(response.data);
})
.catch(error => {
console.log(error);
});
Reference:
HOW TO — Get an Access Token for Microsoft Graph API using Node.JS
Then you can use this token to call Microsoft Graph API.
来源:https://stackoverflow.com/questions/60109090/how-to-get-users-from-azure-active-directory-to-azure-function