Azure Function Using SignalR

Post by: syed hussain in All

To recreate this Node.js WebSocket server setup in a .NET Azure Function, we’ll adapt the logic into a C# Azure Function that supports WebSocket-style communication and command execution.

However, note a few important aspects:

  1. WebSocket in Azure Functions: While Azure Functions can technically support WebSockets, it’s often more complex and limited. Azure Functions doesn’t natively support continuous WebSocket connections due to its serverless nature, which is designed for short-lived HTTP requests. A possible workaround is to use Azure SignalR Service, which is optimised for real-time WebSocket communication in serverless environments.
  2. Command Execution: Similar to exec in Node.js, .NET can execute commands using the System.Diagnostics.Process class. However, running arbitrary commands directly from user input can be risky, so it’s important to validate and secure commands.

If you want to continue with Azure Functions for this, here’s how you might approximate the setup using Azure SignalR Service for WebSocket-like functionality and HTTP-triggered Azure Functions for executing commands.

Solution Outline: Implementing Command Execution via SignalR in Azure Functions (.NET)

  1. Set up Azure SignalR Service: Use SignalR to manage real-time communication.
  2. Azure Function for SignalR: Configure an HTTP-triggered Azure Function to send and receive messages through SignalR.
  3. Execute Commands with Validation: Use System.Diagnostics.Process for controlled command execution.

Set Up Azure SignalR Service

  1. Create an Azure SignalR Service:
  • Go to the Azure Portal.
  • Search for SignalR Service and create a new instance.
  • In Settings > Keys, take note of the Connection String for later.
  1. Configure SignalR Service in Function App:
  • Add the SignalR connection string to your Azure Function App settings with the key AzureSignalRConnectionString.

Create Azure Function for Real-Time Communication Using SignalR

  1. Install SignalR NuGet Package:
  • In your .NET Azure Function project, install the SignalR package:
    bash dotnet add package Microsoft.Azure.WebJobs.Extensions.SignalRService
  1. Create the SignalR Functions:
  • Define two functions: one for negotiating the SignalR connection and one for handling messages.
   using System.Threading.Tasks;
   using Microsoft.AspNetCore.Http;
   using Microsoft.AspNetCore.Mvc;
   using Microsoft.Azure.WebJobs;
   using Microsoft.Azure.WebJobs.Extensions.Http;
   using Microsoft.Azure.WebJobs.Extensions.SignalRService;
   using Microsoft.Extensions.Logging;

   public static class SignalRFunction
   {
       [FunctionName("negotiate")]
       public static IActionResult Negotiate(
           [HttpTrigger(AuthorizationLevel.Anonymous, "post")] HttpRequest req,
           [SignalRConnectionInfo(HubName = "commandHub")] SignalRConnectionInfo connectionInfo,
           ILogger log)
       {
           log.LogInformation("Negotiating SignalR connection.");
           return new OkObjectResult(connectionInfo);
       }

       [FunctionName("sendMessage")]
       public static async Task SendMessage(
           [HttpTrigger(AuthorizationLevel.Function, "post")] HttpRequest req,
           [SignalR(HubName = "commandHub")] IAsyncCollector<SignalRMessage> signalRMessages,
           ILogger log)
       {
           log.LogInformation("Processing command message.");
           string message = await req.ReadAsStringAsync();

           // Send message to all clients
           await signalRMessages.AddAsync(new SignalRMessage
           {
               Target = "newMessage",
               Arguments = new[] { message }
           });
       }
   }
  • negotiate: Establishes a SignalR connection with the client.
  • sendMessage: Handles messages from clients, echoing them back to all connected clients.
  1. Create a Client-Side WebSocket Script:
  • For client-side JavaScript to connect to this SignalR setup:
<script src="https://cdn.jsdelivr.net/npm/@microsoft/signalr@5.0.9/dist/browser/signalr.min.js"></script> <script> async function connectSignalR() { const response = await fetch("/api/negotiate", { method: "POST" }); const { url, accessToken } = await response.json(); const connection = new signalR.HubConnectionBuilder() .withUrl(url, { accessTokenFactory: () =&gt; accessToken }) .build(); connection.on("newMessage", message =&gt; { console.log("Message from server:", message); }); await connection.start(); console.log("SignalR connected"); // Send message to the server connection.invoke("sendMessage", "Hello from client"); } connectSignalR(); </script>

Implement Command Execution in Azure Function

For command execution, we’ll add another Azure Function that runs commands in the background using System.Diagnostics.Process. It’s critical to implement command validation to ensure security.

using System.Diagnostics;
using System.IO;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.WebJobs;
using Microsoft.Azure.WebJobs.Extensions.Http;
using Microsoft.Azure.WebJobs.Extensions.SignalRService;
using Microsoft.Extensions.Logging;

public static class CommandExecutionFunction
{
    [FunctionName("executeCommand")]
    public static async Task<IActionResult> Run(
        [HttpTrigger(AuthorizationLevel.Function, "post")] HttpRequest req,
        [SignalR(HubName = "commandHub")] IAsyncCollector<SignalRMessage> signalRMessages,
        ILogger log)
    {
        log.LogInformation("Executing command");

        // Read the command from the request body
        string command = await new StreamReader(req.Body).ReadToEndAsync();

        // Whitelist specific commands to prevent arbitrary command execution
        if (command != "az group list" && command != "az account list")
        {
            return new BadRequestObjectResult("Command not allowed.");
        }

        try
        {
            // Execute the allowed command
            var process = new Process
            {
                StartInfo = new ProcessStartInfo
                {
                    FileName = "/bin/bash",
                    Arguments = $"-c \"{command}\"",
                    RedirectStandardOutput = true,
                    RedirectStandardError = true,
                    UseShellExecute = false,
                    CreateNoWindow = true
                }
            };

            process.Start();
            string output = await process.StandardOutput.ReadToEndAsync();
            string error = await process.StandardError.ReadToEndAsync();
            process.WaitForExit();

            // Send output or error back to the client through SignalR
            string response = process.ExitCode == 0 ? output : error;
            await signalRMessages.AddAsync(new SignalRMessage
            {
                Target = "commandResponse",
                Arguments = new[] { response }
            });

            return new OkObjectResult("Command executed.");
        }
        catch (System.Exception ex)
        {
            log.LogError($"Exception: {ex.Message}");
            return new StatusCodeResult(StatusCodes.Status500InternalServerError);
        }
    }
}
  • Command Whitelisting: Only allow certain safe commands (e.g., az group list) to avoid security risks.
  • SignalR Message Sending: Use SignalR to send the command output back to the client in real-time.

Testing

  1. Start the SignalR Connection: Use the client-side script to connect.
  2. Invoke Commands:
  • Use the executeCommand function to invoke commands securely.
  1. Receive Output:
  • The output (or error) is sent back to the client via SignalR and displayed in the console.

Tags:
03 Nov 2024
0