WCF Service for getting image via Azure Relay.
The reason is to "publish" .Net REST WCF service via Azure Relay.
There no direct publishing of this service. Service is using WCF Relay binding to publish it. You need no firewall port publishing, communication is started from backend via HTTPS.
Client is calling Azure Relay service.
Solution is created on full DotNet. DotNetCore is not supported right now, see discussion.
Simply create in Azure portal new service called Relay, follow this link
Change Key in app.config
Section system.serviceModel\behaviors\endpointBehaviors\behaviortransportClientEndpointBehavior\tokenProvider
<sharedAccessSignature keyName="RootManageSharedAccessKey" key="KEY" />Section appSettings
<add key="Microsoft.ServiceBus.ConnectionString" value="Endpoint=sb://<yournamespace>.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=KEY" />
<add key="RelayServiceNamespace" value="<yournamespace>"/>If you want test service in browser, change Authorization to None in app.config Section system.serviceModel\bindings\webHttpRelayBinding\binding
<security relayClientAuthenticationType="None" />Run browser with your url, my example: https://jjrelay.servicebus.windows.net/Image/GetImage
You will get image.
Check app.config for using token Section system.serviceModel\bindings\webHttpRelayBinding\binding
<security relayClientAuthenticationType="RelayAccessToken" />Next fill correct Key into client configuration
<add key="ClientKeyName" value="RootManageSharedAccessKey" />
<add key="ClientKey" value="J9Qr7OQQI6JL3cRc6jX0yduBz3El4cVcM1x/w/le9FQ=" />Configuration for policy Client
When you run server, you will get token. Call this service with token. I'm using Postman to testing service - put token in Authorization header.
GET /Image/GetImage HTTP/1.1
Host: jjrelay.servicebus.windows.net
Authorization: SharedAccessSignature sr=https%3a%2f%2fjjrelay.servicebus.windows.net%2fImage%2f&sig=WUHK8w2a698NvCXSGQffEmqPJlBZuJxYdJXewM4a%2fC8%3d&se=1517055215&skn=RootManageSharedAccessKey
Example
This simple web application is using Azure Active Directory (AAD) for authentication. User profile page shows information about authenticated user, like User principal name (UPN). I'm using my AAD jjdev.onmicrosoft.com already created in this example.
Add new Azure Active Directory application in App registrations blade (app type is Web app). Setup permissions for Azure Active Directory - Read directory data & Sign in and read user profile. Finally setup Reply URLs based on enviroment where is web hosted. For more information follow link.
We need to update web.config with values for new created application in AAD.
<add key="ida:ClientId" value="<guid<" />
<add key="ida:ClientSecret" value="<secret>" />
<add key="ida:Domain" value="jjdev.onmicrosoft.com" />
<add key="ida:TenantId" value="<directoryId>" />Hosting WCF service in IIS for Azure Service Bus Relay is not working now. Comming back with update.