Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Elsa Designer: Enable host to intercept outgoing HTTP requests made from Axios #1164

Closed
sfmskywalker opened this issue Jun 22, 2021 · 1 comment
Closed

Elsa Designer: Enable host to intercept outgoing HTTP requests made from Axios #1164

sfmskywalker opened this issue Jun 22, 2021 · 1 comment
Labels
enhancement New feature or request prio high Is on the roadmap for the near-future
Projects
Triage
Milestone
Elsa 2.1

Comments

@sfmskywalker
Copy link
Member

The Problem

Workflow servers must be protected by requiring credentials to be sent with incoming HTTP requests if they are to be used in production and exposed to the Internet. Anyone can do this today by using ASP.NET Core's security middleware. So far so good.

However, when the Elsa Server is protected, the Elsa Dashboard will no longer work since it does not send any credentials when making HTTP requests.

Since the implementer might implement any sort of security on the backend, the frontend should not (and cannot) have any opinions about sending specific credentials.

Instead, this is the responsibility of the application that hosts the Elsa Dashboard.

The Solution

To allow the application to provide security credentials, the Elsa Dashboard should provide an extension point that the application can use in order to send along security credentials with outgoing requests.

A simple & elegant solution is to simply publish an event once the Axios configuration object has been created. This allows the application to further configure it, such as adding an authorization header with a token.
@sfmskywalker sfmskywalker added enhancement New feature or request prio high Is on the roadmap for the near-future labels Jun 22, 2021
@sfmskywalker sfmskywalker added this to the Elsa 2.1 milestone Jun 22, 2021
@sfmskywalker sfmskywalker added this to Needs triage in Triage via automation Jun 22, 2021
@sfmskywalker sfmskywalker moved this from Needs triage to Triage complete in Triage Jun 22, 2021
@sfmskywalker
Copy link
Member Author

Related discussion: #1161

Triage automation moved this from Triage complete to Closed Jun 28, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request prio high Is on the roadmap for the near-future
Projects
No open projects
Triage
Closed
Milestone
Elsa 2.1
Development

No branches or pull requests
1 participant
@sfmskywalker