Created
November 24, 2022 17:13
-
-
Save astaykov/171295f293573f81128ef899b0354ce6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using namespace System.Net | |
# Input bindings are passed in via param block. | |
param($Request, $TriggerMetadata) | |
function Parse-JWTtoken { | |
[cmdletbinding()] | |
param([Parameter(Mandatory=$true)][string]$token) | |
#Validate as per https://tools.ietf.org/html/rfc7519 | |
#Access and ID tokens are fine, Refresh tokens will not work | |
if (!$token.Contains(".") -or !$token.StartsWith("eyJ")) { Write-Error "Invalid token" -ErrorAction Stop } | |
#Header | |
$tokenheader = $token.Split(".")[0].Replace('-', '+').Replace('_', '/') | |
#Fix padding as needed, keep adding "=" until string length modulus 4 reaches 0 | |
while ($tokenheader.Length % 4) { Write-Verbose "Invalid length for a Base-64 char array or string, adding ="; $tokenheader += "=" } | |
Write-Verbose "Base64 encoded (padded) header:" | |
Write-Verbose $tokenheader | |
#Convert from Base64 encoded string to PSObject all at once | |
Write-Verbose "Decoded header:" | |
[System.Text.Encoding]::ASCII.GetString([system.convert]::FromBase64String($tokenheader)) | ConvertFrom-Json | fl | Out-Default | |
#Payload | |
$tokenPayload = $token.Split(".")[1].Replace('-', '+').Replace('_', '/') | |
#Fix padding as needed, keep adding "=" until string length modulus 4 reaches 0 | |
while ($tokenPayload.Length % 4) { Write-Verbose "Invalid length for a Base-64 char array or string, adding ="; $tokenPayload += "=" } | |
Write-Verbose "Base64 encoded (padded) payoad:" | |
Write-Verbose $tokenPayload | |
#Convert to Byte array | |
$tokenByteArray = [System.Convert]::FromBase64String($tokenPayload) | |
#Convert to string array | |
$tokenArray = [System.Text.Encoding]::ASCII.GetString($tokenByteArray) | |
Write-Verbose "Decoded array in JSON format:" | |
Write-Verbose $tokenArray | |
#Convert from JSON to PSObject | |
$tokobj = $tokenArray | ConvertFrom-Json | |
Write-Verbose "Decoded Payload:" | |
return $tokobj | |
} | |
# Write to the Azure Functions log stream. | |
Write-Host "PowerShell HTTP trigger function processed a request." | |
# Interact with query parameters or the body of the request. | |
$name = $Request.Query.Name | |
if (-not $name) { | |
$name = $Request.Body.Name | |
} | |
$body = "This HTTP triggered function executed successfully. Pass a name in the query string or in the request body for a personalized response." | |
if ($name) { | |
$body = "Hello, $name. This HTTP triggered function executed successfully." | |
} | |
$authHeader = $Request.Headers["Authorization"] | |
if ($authHeader.Length -gt 10) { | |
$token = $authHeader.Substring(7) | |
Write-Host "Token: $token" | |
Parse-JWTtoken($token) | |
} | |
# Associate values to output bindings by calling 'Push-OutputBinding'. | |
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ | |
StatusCode = [HttpStatusCode]::OK | |
Body = $body | |
}) | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment