HTTP-triggered Azure Function should not be accessible from outside the App Service

Time: 2020-11-03 16:15:04

Tags: azure authentication azure-functions

I am using an HTTP-triggered Azure Function from my App Service. I want this HTTP-triggered Azure Function not to be publicly accessible, but only accessible from the App Service.

Currently, I have created a host key for the HTTP-triggered function and I use it to authenticate requests.

Which authentication method should I use? Any ideas?

Azure Function:

using System;
using System.IO;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.WebJobs;
using Microsoft.Azure.WebJobs.Extensions.Http;

public static class RemoveSubscriptionsForPayers
{
    // AuthorizationLevel.Function: the caller must present a function key or host key,
    // either in the x-functions-key header or in the ?code= query parameter.
    [FunctionName(nameof(RemoveSubscriptionsForPayers))]
    public static async Task<IActionResult> Run(
        [HttpTrigger(AuthorizationLevel.Function, "post", Route = null)] HttpRequest req,
        [Inject] ILoggingService loggingService,            // [Inject] is the project's own DI binding
        [Inject] ICommandValidator commandValidator,
        [Inject] ICommandHandler<ResultDto, RemoveSubscriptionsForPayersCommand> commandHandler)
    {
        var logger = new Logger(loggingService);

        try
        {
            IActionResult actionResult = null;

            string requestBody = await new StreamReader(req.Body).ReadToEndAsync();

            logger.Info($"RemoveSubscriptionsForPayersCommand received on {nameof(RemoveSubscriptionsForPayers)}");

            // Deserialise the JSON body into the command (AsPoco is a project extension method).
            var command = requestBody.AsPoco<RemoveSubscriptionsForPayersCommand>();

            // On failure the validator writes an error response into actionResult.
            if (commandValidator.Validate<RemoveSubscriptionsForPayersCommand>(req, command, new RemoveSubscriptionsForPayersCommandValidator(), logger, ref actionResult))
            {
                var response = await commandHandler.HandleAsync(command, logger);
                actionResult = new OkObjectResult(response);
            }

            return actionResult;
        }
        catch (Exception ex)
        {
            logger.Error($"Exception while processing {nameof(RemoveSubscriptionsForPayers)}", ex,
                nameof(RemoveSubscriptionsForPayers));

            throw;
        }
    }
}

1 answer:

Answer 0 (score: 0)

You can use Azure AD to authenticate the function, which is more secure.



After you turn on Azure AD authentication, you need to obtain an access token.

Open Azure Active Directory in the Azure portal and find App registrations; in the search box, search for the function that was registered in Azure AD.


Here you need to find the parameter values for the URL and the body in order to obtain the token.

URL to get access token:

Body:

You can obtain the token like this:


Now you can use the Azure AD access token to access your function.

The request header name is Authorization and the header value is Bearer <access-token>.

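The exchange the answer describes, worked through as an added example (this is not code from the question, the answer, or the asker's project, and it is in Python rather than the project's C# because the point is the HTTP exchange on both sides). It assumes App Service Authentication (Easy Auth) is turned on in front of the function with unauthenticated requests rejected, that the App Service obtains its token with the OAuth 2.0 client-credentials grant against the real Azure AD v2.0 token endpoint, and that Easy Auth forwards the validated caller's claims in the X-MS-CLIENT-PRINCIPAL header (base64-encoded JSON). All tenant and application IDs are constructed. The security-relevant addition over the answer is the function-side allow-list: Easy Auth only proves the token is valid for the function's audience, so any application in the tenant that can request that audience would pass; checking the caller's application ID (appid for v1.0 tokens, azp for v2.0 tokens) is what narrows access to "only from the App Service".

```python
import base64
import json
import urllib.parse
import urllib.request

# Azure AD v2.0 token endpoint (real URL); {tenant} is the directory (tenant) ID.
TOKEN_ENDPOINT = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"


def build_token_request(tenant_id, client_id, client_secret, function_app_id):
    """Return (url, form_body_bytes) for the client-credentials token request.

    function_app_id is the Application (client) ID of the *function's* app
    registration; requesting its /.default scope makes the token's 'aud' claim
    equal that ID, which is what the function's Easy Auth configuration expects.
    """
    url = TOKEN_ENDPOINT.format(tenant=tenant_id)
    form = {
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": f"{function_app_id}/.default",
    }
    return url, urllib.parse.urlencode(form).encode()


def fetch_token(tenant_id, client_id, client_secret, function_app_id):
    """Live call (needs network and real credentials): POST the form, return the access token."""
    url, body = build_token_request(tenant_id, client_id, client_secret, function_app_id)
    req = urllib.request.Request(url, data=body, method="POST")
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)["access_token"]


def bearer_headers(token):
    """Headers for the call to the function: the answer's 'Authorization: Bearer <token>'."""
    return {"Authorization": f"Bearer {token}", "Content-Type": "application/json"}


def parse_client_principal(header_value):
    """Decode X-MS-CLIENT-PRINCIPAL (base64 JSON) into {claim type: [values]}."""
    decoded = json.loads(base64.b64decode(header_value))
    claims = {}
    for claim in decoded["claims"]:
        claims.setdefault(claim["typ"], []).append(claim["val"])
    return claims


def caller_allowed(headers, allowed_app_ids, expected_audiences):
    """True only if Easy Auth authenticated the request and the caller is allow-listed.

    Easy Auth has already checked signature, issuer, expiry and audience; the
    audience is re-checked here defensively. The calling application's ID is
    in 'appid' for v1.0 tokens and in 'azp' for v2.0 tokens.
    """
    lowered = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    principal = lowered.get("x-ms-client-principal")
    if not principal:
        return False  # no authenticated principal: reject, never fall back to anonymous
    try:
        claims = parse_client_principal(principal)
    except (ValueError, KeyError, TypeError):
        return False  # malformed header: treat as unauthenticated
    if not set(claims.get("aud", [])) & set(expected_audiences):
        return False
    caller_ids = claims.get("appid", []) + claims.get("azp", [])
    return any(app_id in allowed_app_ids for app_id in caller_ids)


def make_principal_header(claims):
    """Construct the header value Easy Auth would send; used here for offline testing only."""
    payload = {
        "auth_typ": "aad",
        "name_typ": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
        "role_typ": "http://schemas.microsoft.com/ws/2008/06/identity/claims/role",
        "claims": [{"typ": t, "val": v} for t, v in claims],
    }
    return base64.b64encode(json.dumps(payload).encode()).decode()


# Constructed sample identifiers (not real tenants or applications).
TENANT_ID = "00000000-0000-0000-0000-00000000aaaa"
APP_SERVICE_CLIENT_ID = "11111111-1111-1111-1111-111111111111"  # the caller (App Service)
FUNCTION_APP_ID = "22222222-2222-2222-2222-222222222222"        # the function's registration
ALLOWED_CALLERS = {APP_SERVICE_CLIENT_ID}
EXPECTED_AUDIENCES = {FUNCTION_APP_ID, f"api://{FUNCTION_APP_ID}"}


def demo():
    """Run the function-side check against three constructed requests."""
    good = {"X-MS-CLIENT-PRINCIPAL": make_principal_header(
        [("aud", FUNCTION_APP_ID), ("appid", APP_SERVICE_CLIENT_ID)])}
    stranger = {"X-MS-CLIENT-PRINCIPAL": make_principal_header(
        [("aud", FUNCTION_APP_ID), ("appid", "33333333-3333-3333-3333-333333333333")])}
    anonymous = {"Authorization": "Bearer not-validated-by-anyone"}
    return [caller_allowed(h, ALLOWED_CALLERS, EXPECTED_AUDIENCES) for h in (good, stranger, anonymous)]


if __name__ == "__main__":
    print(demo())  # [True, False, False]
```

Two caveats. First, when the caller is an App Service, a system-assigned managed identity is preferable to the client secret used in build_token_request: the App Service then gets its token from the platform's identity endpoint instead of posting a secret, and the function-side check is unchanged because the managed identity's application ID goes on the allow-list in the same way. Second, Easy Auth and the existing AuthorizationLevel.Function key can coexist; dropping to AuthorizationLevel.Anonymous is only safe once Easy Auth is configured to reject unauthenticated requests, otherwise the missing X-MS-CLIENT-PRINCIPAL header is the only thing standing between the public internet and the handler.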