Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Investigate AuthN/AuthZ metrics in ASP.NET Core #47603

Open
2 of 3 tasks
JamesNK opened this issue Apr 7, 2023 · 6 comments
Open
2 of 3 tasks

Investigate AuthN/AuthZ metrics in ASP.NET Core #47603

JamesNK opened this issue Apr 7, 2023 · 6 comments
Assignees
@halter73
Labels
area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer enhancement This issue represents an ask for new feature or an enhancement to an existing one feature-observability
Milestone
9.0-preview6

Comments

@JamesNK
Copy link
Member

JamesNK commented Apr 7, 2023
edited

Issue #47536 adds metrics for existing counters.

We should investigate where adding new metrics makes sense in ASP.NET Core. Metrics are easier to add and test than old event counters. And tags make them more powerful.

Initial ideas:

  • Rate limiting - queue counts
  • Routing - match/fallback/no match counts
  • AuthN/AuthZ - success/failure counts

AuthZ

  • Number of requests that require authz
    • Policy name
    • Result (success/failure)

AuthN

  • Challenge count
    • Scheme name
  • Authenticated requests count - don't record for result
    • Scheme name
    • Result (success/failure/noop)

Sign in handler

  • Sign in count
    • Scheme name

Sign out handler

  • Sign out count
    • Scheme name
@mitchdenny
Copy link
Member

Output Caching metrics might be another good idea. I'm also wondering whether anything makes sense around health checks - although they can probably be seen within the scope of the existing metrics.

@amcasey
Copy link
Member

amcasey commented May 5, 2023

This is mostly for outside kestrel, right? #47831 covers the remaining work there?

@JamesNK
Copy link
Member Author

JamesNK commented May 6, 2023

Yes

@amcasey amcasey added area-middleware Includes: URL rewrite, redirect, response cache/compression, session, and other general middlesware and removed area-runtime labels Jun 2, 2023
@JamesNK JamesNK mentioned this issue Jun 12, 2023
Closed
12 tasks
@JamesNK JamesNK changed the title Investigate new metrics in ASP.NET Core Investigate AuthN/AuthZ metrics in ASP.NET Core Jun 12, 2023
@JamesNK
Copy link
Member Author

JamesNK commented Jun 12, 2023

cc @halter73 @JeremyLikness

@JamesNK JamesNK added this to the .NET 9 Planning milestone Aug 17, 2023
@SeanFarrow
Copy link
Contributor

As someone working in the authentication space and looking at metrics currently, I'd be interested in helping out with this.

@JamesNK
Copy link
Member Author

JamesNK commented Dec 5, 2023

The first step is to figure out what the metrics are. The issue includes some notes from discussing metrics with @halter73 @JeremyLikness. I think they're the folks that need to come up with what the spec is we want in .NET 9.

@dotnet-policy-service dotnet-policy-service bot added the pending-ci-rerun When assigned to a PR indicates that the CI checks should be rerun label Feb 6, 2024
@wtgodbe wtgodbe removed the pending-ci-rerun When assigned to a PR indicates that the CI checks should be rerun label Feb 6, 2024
@dotnet-policy-service dotnet-policy-service bot added the pending-ci-rerun When assigned to a PR indicates that the CI checks should be rerun label Feb 6, 2024
@wtgodbe wtgodbe removed the pending-ci-rerun When assigned to a PR indicates that the CI checks should be rerun label Feb 13, 2024
@dotnet dotnet deleted a comment from dotnet-policy-service bot Feb 13, 2024
@dotnet dotnet deleted a comment from dotnet-policy-service bot Feb 13, 2024
@mkArtakMSFT mkArtakMSFT added the area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer label Feb 23, 2024
@mkArtakMSFT mkArtakMSFT removed the area-middleware Includes: URL rewrite, redirect, response cache/compression, session, and other general middlesware label Mar 11, 2024
@mkArtakMSFT mkArtakMSFT added enhancement This issue represents an ask for new feature or an enhancement to an existing one feature-observability labels Mar 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@halter73 halter73

Labels
area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer enhancement This issue represents an ask for new feature or an enhancement to an existing one feature-observability
Projects
None yet
Milestone
9.0-preview6
Development

No branches or pull requests
7 participants
@halter73 @JamesNK @mitchdenny @SeanFarrow @amcasey @wtgodbe @mkArtakMSFT