You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The authorization settings are configured during startup. This means that simply refreshing the RuntimeConfig to reflect saved changes is not enough to update the authorization settings that the service will be using. Instead, those changes that need to be made must be done so in a way that refreshes the settings that were configured during startup.
The text was updated successfully, but these errors were encountered:
Startup.cs ConfigureAuthentication() function requires refactoring to fulfill this task.
All possible authentication schemes (JWT, SWA, AppService, Simulator) need to be configured regardless of what contents exist in the runtime configuration.
e.g.
services.AddAuthentication(defaultScheme: EasyAuthType.StaticWebApp).AddJwtBearer(options =>{ options.Property ="<IOptionsMonitor?>"});.AddEasyAuthAuthentication(easyAuthAuthenticationProvider: EasyAuthType.StaticWebApp).AddEasyAuthAuthentication(easyAuthAuthenticationProvider: EasyAuthType.AppService);// condition Simulator auth for development mode ONLY.AddSimulatorAuthentication();
Requirements to figure out:
AddJwtBearer supports IOptionsMonitor, need to figure out how to signal changes due to hot reload because hot reloading different jwt providers requires refreshing the jwtprovider options.
Authenticate requests using the currently configured authentication configuration, this requires modifications the ClientRoleHeaderAuthenticationMiddleware
publicasync Task InvokeAsync(HttpContexthttpContext){// authNResult will be one of:// 1. Succeeded - Authenticated// 2. Failure - Token issue// 3. None - No token provided, no auth result.AuthenticateResultauthNResult=await httpContext.AuthenticateAsync();// no param to AuthenticateAsync() uses default authentication scheme (which per above config is set as: services.AddAuthentication(defaultScheme: EasyAuthType.StaticWebApp))
The following method signature should be used instead:
` ``csharp
public static Task AuthenticateAsync(this HttpContext context, string? scheme);
Depending on the configured authentication provider, supply the appropriate scheme to `AuthenticateAsync()`.
The authorization settings are configured during startup. This means that simply refreshing the
RuntimeConfig
to reflect saved changes is not enough to update the authorization settings that the service will be using. Instead, those changes that need to be made must be done so in a way that refreshes the settings that were configured during startup.The text was updated successfully, but these errors were encountered: