Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication/Authorization API changes for preview.7 #42481

Closed
4 tasks done
DamianEdwards opened this issue Jun 28, 2022 · 10 comments
Closed
4 tasks done

Authentication/Authorization API changes for preview.7 #42481

DamianEdwards opened this issue Jun 28, 2022 · 10 comments
Assignees
@HaoK
Labels
area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer area-minimal Includes minimal APIs, endpoint filters, parameter binding, request delegate generator etc breaking-change This issue / pr will introduce a breaking change, when resolved / merged. feature-minimal-hosting
Milestone
7.0-preview7

Comments

@DamianEdwards
Copy link
Member

DamianEdwards commented Jun 28, 2022
edited
Loading

Following changes to be made to the authentication and authorization configuration APIs and behaviors:

- [ ] Change the WebApplicationBuilder.Authentication property to be a method AddAuthentication() with the same overloads as IServiceCollection.AddAuthentication()
- [ ] Add WebApplicationBuilder.AddAuthorization() method that is functional equivalent of IServiceCollection.AddAuthorizationBuilder()

  • Remove Authentication property from WebApplicationBuilder
  • Remove binding of AuthenticationOptions.DefaultScheme from configuration (and dotnet user-jwts setting it in applicationSettings.Development.json)
  • When there is only a single AuthN scheme added, set AuthenticationOptions.DefaultPolicy to that scheme, and add a new bool property AuthenticationOptions.DisableAutoDefaultScheme to enable disabling this behavior
  • Auto-add AuthN and AuthZ middleware if any AuthN scheme is added in all hosts (not just WebApplicationBuilder) WebApplicationBuilder and add new bool option to the various hosting options/APIs to enable disabling this behavior, e.g. WebApplicationOptions.DisableAutoAddAuthMiddleware
    • This behavior should apply whether adding AuthN schemes via IServiceCollection.AddAuthentication() or WebApplicationBuilder.AddAuthentication(), etc.
@DamianEdwards DamianEdwards added area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer feature-minimal-hosting labels Jun 28, 2022
@DamianEdwards DamianEdwards added this to the 7.0-preview7 milestone Jun 28, 2022
@HaoK
Copy link
Member

HaoK commented Jun 29, 2022
edited
Loading

@captainsafia how do you want to split this?

Maybe I do 1,2,4, and you take 3 and 5?

@captainsafia
Copy link
Member

captainsafia commented Jun 29, 2022
edited
Loading

@HaoK I was gonna do 1 and 4 since I've touched those areas recently. Gotta a branch for #1 worked at the moment...

Did you knock out #2 as part of the PR that was just merged?

@HaoK
Copy link
Member

HaoK commented Jun 29, 2022

No, I didn't do any part of this in the current PRs. I was working on 4 right now since that's orthogonal to everything else, so maybe you do 1 and I'll do 4 as the first step?

Its just a new PostConfigure on AuthenticationOptions so I should have a PR up for that soon hopefully

@captainsafia captainsafia mentioned this issue Jun 29, 2022
Closed
@captainsafia
Copy link
Member

Sounds good. I just opened #42494. I'll go ahead and do #2 there as well then we can take both changes through the same API review since they are related.

@captainsafia
Copy link
Member

Also, I realize I made a mistake in my original comment. I was planning on doing #1 (AddAuthentication) and #3 (moving default scheme from user-jwts to the runtime).

@HaoK
Copy link
Member

HaoK commented Jun 29, 2022

Cool so we aren't duplicating any work right now

@HaoK HaoK added the breaking-change This issue / pr will introduce a breaking change, when resolved / merged. label Jun 29, 2022
@HaoK HaoK mentioned this issue Jun 29, 2022
Merged
@captainsafia
Copy link
Member

API review issue for the AddAuth(n)/(z) changes in #42577.

This was referenced Jul 5, 2022
Merged
Merged
Closed
@captainsafia
Copy link
Member

OK. 1, 2, and 4 are done.

@captainsafia captainsafia removed their assignment Jul 7, 2022
@captainsafia
Copy link
Member

I think #3 still needs to be merged so it might be prudent to keep this one open until then.

@captainsafia captainsafia reopened this Jul 7, 2022
@captainsafia
Copy link
Member

I stand corrected. It was merged half an hour ago. Closing again.

@ghost ghost locked as resolved and limited conversation to collaborators Aug 6, 2022
@amcasey amcasey added the area-minimal Includes minimal APIs, endpoint filters, parameter binding, request delegate generator etc label Jun 2, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@HaoK HaoK

Labels
area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer area-minimal Includes minimal APIs, endpoint filters, parameter binding, request delegate generator etc breaking-change This issue / pr will introduce a breaking change, when resolved / merged. feature-minimal-hosting
Projects
None yet
Milestone
7.0-preview7
Development

No branches or pull requests
4 participants
@DamianEdwards @captainsafia @HaoK @amcasey