cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Retrieve User Claims in Python Flask App for Azure Container Apps After Authentication
By
wanjing
Published Mar 14 2024 11:08 PM 1,119 Views
wanjing
Microsoft
‎Mar 14 2024 11:08 PM

Retrieve User Claims in Python Flask App for Azure Container Apps After Authentication

‎Mar 14 2024 11:08 PM

The Token Store feature is currently supported in preview mode and can be enabled via the Azure CLI using the command az containerapp auth update with the --token-store boolean flag.

 

At the moment, the implementation only supports Blob Storage, which can be configured using the --sas-url-secret and --sas-url-secret-name parameters. More details on enabling the token store will be available soon in the public documentation.

 

However, I am going to talk about in this article that even without enabling the token store, it is still possible to retrieve user claims in the application code for Azure Container Apps after authentication, as described in this documentation: Access User Claims in Application Code. The claims are injected into the request headers, making them accessible whether from an authenticated end user or a client application.

  • X-MS-CLIENT-PRINCIPAL-NAME
  • X-MS-CLIENT-PRINCIPAL-ID

I would like to share a simple sample in Python Flask app to demonstrate it. The sample code is downloaded from here following this doc.

Get the Sample Code

git clone https://github.com/Azure-Samples/msdocs-python-flask-webapp-quickstart.git

Add Claims div in the index.html Page

<label for="principal_name" class="form-label fw-bold fs-5">X-MS-CLIENT-PRINCIPAL-NAME:</label>
<div class="d-grid gap-2 d-sm-flex justify-content-sm-center align-items-center my-1">
  <p class="form-control-static">{{ principal_name }}</p>
</div>

<label for="principal_id" class="form-label fw-bold fs-5">X-MS-CLIENT-PRINCIPAL-ID:</label>
<div class="d-grid gap-2 d-sm-flex justify-content-sm-center align-items-center my-1">
  <p class="form-control-static">{{ principal_id }}</p>
</div>

Retrieve the Claims from Request Headers

def index():
   print('Request for index page received')
   #return render_template('index.html')

   # Get the request headers
   headers = request.headers
   # Get the values of the desired headers
   principal_name = headers.get('X-MS-CLIENT-PRINCIPAL-NAME')
   principal_id = headers.get('X-MS-CLIENT-PRINCIPAL-ID')
   return render_template('index.html', principal_name=principal_name, principal_id=principal_id)

Deploy Web App to Azure

After deploying the app to Azure Container Apps and enabling the built-in Authentication with Microsoft Identity, upon successful authentication, you will be able to view the user claims on the index page.

result.png

 

Co-Authors
Version history
Last update:
‎Mar 14 2024 11:08 PM
Updated by:
Labels