Ocelot icon indicating copy to clipboard operation
Ocelot copied to clipboard

Published 20 hours ago verified publisher icon ThreeMammals

#842 AuthenticationOptions in GlobalConfiguration

Open jlukawska opened this issue 4 years ago • 6 comments

Closes #842

  • #842

Proposed Changes

It is possible to configure AuthenticationOptions in GlobalConfiguration. Then all routes use these settings. To configure an exception to this rule (e.g. for identity service), AllowAnonymousForGlobalAuthenticationOptions property should be set to true in the route AuthenticationOptions.

If a route has its own AuthenticationOptions with AuthenticationProviderKey configured additionally, it has priority over the global one.

At the moment if a route uses a global AuthenticationProviderKey (when AuthenticationProviderKey is not configured for route explicitly), it uses also global AllowedScopes, even if AllowedScopes is configured for the route additionally.

jlukawska avatar Apr 28 '20 19:04 jlukawska

+1 to please add/merge this feature.

Question: does your implementation allow for a given route to NOT have authentication? Like an 'allow anonymous' setting. In my project this would be needed for my identity service.

rathga avatar Jul 16 '20 14:07 rathga

@rathga, it should be quite easy to add this option. I'll try to update the pull request soon.

Thanks for the feedback!

jlukawska avatar Jul 17 '20 11:07 jlukawska

@jlukawska Hi J! Thanks for the great PR! Wow! I am impressed. 😍

What I've done:

  • Feature branch has been rebased onto ThreeMammals:develop to remove all merge commits and introduce top commits from target
  • Merge conflicts have been resolved during rebasing. That was quite difficult, but done
  • Fixed errors. There was some ambiguity in resolutions, not an issue now
  • Fixed some errors, warning and messages
  • Made green build finally

Now we can start code review...

raman-m avatar Jul 27 '23 19:07 raman-m

@rathga commented on Jul 16, 2020

Hey, Richard! It was a long story, but I hope, we will get this feature delivered soon... 😄

Could you join to code review please? Your opinion is highly prioritized.

Also, check please, Is your small feature request implemented?

raman-m avatar Jul 27 '23 19:07 raman-m

I need this change,What time releases this PR?

@raman-m

wudiqiang2024 avatar Apr 11 '24 08:04 wudiqiang2024

@wudiqiang2024 commented on Apr 11

Sorry for delaying the delivery! We have a lack of dev time! This PR has low priority. We have another more important PRs in Annual 2023 milestone. Having possibility to define in global section is just beneficial option and not required at the moment. Please try to merge all routes as Catch All ones and define AuthenticationOptions for those Catch All routes. How many downstream services you have? How many routes are defined in ocelot.json? Do you consider Consul usage?

raman-m avatar Apr 11 '24 11:04 raman-m

Closed due to creation of a new PR: https://github.com/ThreeMammals/Ocelot/pull/2114

jlukawska avatar Jun 28 '24 19:06 jlukawska