Reusing Javascript in Logic Apps Standard

Azure Logic Apps Node Javascript

Scenario Link to heading

What I’m about to describe is more like a “because I can” approach than a recommended technique. The reason for this POST is a StackOverflow answer claiming that “if we want to run node code with some third-party packages, we can only use Azure function action”.

I found this answer while looking for a way to get a SHA-256 for an object in a Logic Apps Standard workflow, and yes, the function action is a good alternative, the same with a full function app, I however share the feeling from the author of the question, “I just couldn’t believe I had to go to such lengths”.

The limitation in the in-line javascript action is there, it “Doesn’t support the require() function for running JavaScript.”, however, what ‘require’ is really doing is just pulling the dependency’s JavaScript code. Adding this code to the in the in-line javascript will accomplish the same. Of course it won’t be pulling the latest version every time and will get messy pretty fast if the dependency has its own dependencies, but with the recent supply-chain attacks this might even be a good idea!

Get SHA-256 action Link to heading

The code shared in the StackOverflow question depends on the crypto-js library, its HmacSHA256 method. To address my needs, I use the SHA256 method instead, which is available here. With this in place, the SHA256 method works, with in-line javascript, no need for function actions or function apps.

alt text

Reuse the crypo-js dependency code Link to heading

The solution above addresses the need of the StackOverflow question and works for my needs as well, however in my case I need to get those hashes in more than one workflow in my Logic App. Duplicating 4.5Kb of Javascript on every one of these actions is not something I’m comfortable with.

To reuse this code, I ended up placing it as a parameter. Parameters in Logic Apps Standard are maintained in a JSON file, the only documented limit is about their number, not their size, and its value is available to all workflows.

alt text

Now I can have this action as many times as needed in my Logic App, without duplicating the code of the dependency.

1eval(workflowContext.actions.Set_Crypto_Library.outputs);
2const hash = CryptoJS.SHA256(JSON.stringify(workflowContext.actions.Parse_Input.outputs));
3return hash.toString();

The Set Crypto Library action is a compose action to make the text of the parameter available to the in-line javascript action.

1{
2  "type": "Compose",
3  "inputs": "@parameters('cryptojs')",
4  "runAfter": {
5    "Parse_Input": [
6      "SUCCEEDED"
7    ]
8  }
9}

Is this a recommended approach?, for simple scenarios like this one, maybe. As I mentioned at the beginning, the main reason for this post is not about promoting this solution as a recommended way to do this but to show there are ways to work around technology limitations. As long as the developer is aware of the tradeoffs and communicates the potential pitfalls of the work around, he or she will have more options than just saying “we can only use…”, as in the StackOverflow answer.