Improvements #3478
| /// <returns>the service collection for chaining.</returns> | ||
| public static IServiceCollection AddOidcFic(this IServiceCollection services) | ||
| { | ||
| services.AddTokenAcquisition(true); | 
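Review bot: the bare `true` passed to `AddTokenAcquisition` in `AddOidcFic` gives no hint at the call site of what it selects. Pass it as a named argument or add a one-line comment stating that OidcFic cannot work with scoped token acquisition, so a later cleanup does not flip it back.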
OidcFic can't work with scoped token acquisition :-(
| [FromBody] DownstreamApiOptions? optionsOverride, | ||
| [FromServices] IAuthorizationHeaderProvider headerProvider, | ||
| [FromServices] IConfiguration configuration) | ||
| [FromServices] IOptionsMonitor<DownstreamApiOptions> optionsMonitor) | 
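Review bot: `[FromBody] DownstreamApiOptions? optionsOverride` accepts the whole options type from the request body, and it now sits next to the configured values coming from `optionsMonitor`. State in the endpoint description which fields a caller may override, and ignore or reject the rest when the override is merged over the configured options, so request input cannot replace settings that are meant to come only from configuration.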
It's better to get the options directly, and we'll be ready if we want to have a CalldownstreamApis endpoint.
| var claimsPrincipal = httpContext.User; | ||
| var token = claimsPrincipal.GetBootstrapToken() as JsonWebToken; | ||
|  | ||
| var token = httpContext.GetTokenUsedToCallWebAPI() as JsonWebToken; | 
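Review bot: `httpContext.GetTokenUsedToCallWebAPI() as JsonWebToken` evaluates to null both when no token is attached to the request and when the token is of some other type, and nothing in the visible lines checks for that. Test `token` for null right after this line and return an authentication error instead of letting a later dereference throw.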
See also the simplification in program.cs
| }, | ||
|  | ||
| "DownstreamApi": { | ||
| "DownstreamApis": { | 
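Review bot: renaming the section key from `"DownstreamApi"` to `"DownstreamApis"` means configuration still written with the old key no longer binds, and nothing in these lines reports that. Mention the rename in the sidecar documentation, or fail at startup with a clear message when the old key is present.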
the usual convention
| builder.Services.Configure<JwtBearerOptions>(JwtBearerDefaults.AuthenticationScheme, | ||
| options => | ||
| { | ||
| options.Events ??= new(); | 
Simplification here as this is already done.
| builder.Services.AddHealthChecks(); | ||
|  | ||
| // Disable claims mapping. | ||
| JwtSecurityTokenHandler.DefaultMapInboundClaims = false; | 
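Review bot: `JwtSecurityTokenHandler.DefaultMapInboundClaims = false` is a process-wide static, so it changes claim handling for every handler instance in the process, not just this bearer scheme. Consider setting `MapInboundClaims = false` on the `JwtBearerOptions` this file configures so the choice is scoped to the scheme, and expand the `// Disable claims mapping.` comment to say why it is disabled.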
We don't want Wilson to transform the claims.
| return Task.FromResult(context); | ||
| }; | ||
| // Enable the right role claim type. | ||
| options.TokenValidationParameters.RoleClaimType = "roles"; | 
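Review bot: `RoleClaimType = "roles"` only matches while inbound claim mapping stays disabled; with mapping on, the `roles` claim is renamed to the long URI role type and role checks stop matching. Extend the `// Enable the right role claim type.` comment to state that dependency so the two settings are not changed independently.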
important for AuthZ
annotated the changes
* initial commit
* Refactor, add basic error handling
* Adding E2E test (#3476)
* Add authorization header endpoint, minor cleanup
* more end to end tests for sidecar (#3477)
* Adding E2E test
* Improving the tests
* Fix name
* Apply suggestion from @keegan-caruso Co-authored-by: Keegan <[email protected]>
--------- Co-authored-by: Keegan <[email protected]>
* Add more tests
* Improvements (#3478)
* Fix model binding (#3479) Other cleanup and improvements Co-authored-by: Keegan Caruso <[email protected]>
* Update tests to new behavior + 401 on AuthorizationHeader when we are sure it's an auth issue (#3480)
* Improvements
* fix tests with new behavior
* Apply suggestion from @keegan-caruso Co-authored-by: Keegan <[email protected]>
* Apply Keegan's suggestion
--------- Co-authored-by: Keegan <[email protected]>
* add downstream api (#3483)
* add downstream api
--------- Co-authored-by: Keegan Caruso <[email protected]>
* Enable container workflow (#3496)
* containerization
* Enable container workflows
--------- Co-authored-by: Jean-Marc Prieur <[email protected]> Co-authored-by: Keegan Caruso <[email protected]>
* Add more e2e tests (#3504) Co-authored-by: Keegan Caruso <[email protected]>
* Authorization Header and downstream API endpoint updates (#3507)
* Authorization Header and downstream API endpoints updates
* Fix open api generation
--------- Co-authored-by: Keegan Caruso <[email protected]>
* Sidecar endpoint descriptions (#3510)
* Add more descriptions to open api document
* Adjust for open api doc generation
--------- Co-authored-by: Keegan Caruso <[email protected]>
* Current implementation of Open API description generation is not trim friendly
* Add agentuserid to list of params (#3514)
* Add agentuser id to list of params
* Apply suggestion from @jmprieur Co-authored-by: Jean-Marc Prieur <[email protected]>
* Apply suggestion from @jmprieur Co-authored-by: Jean-Marc Prieur <[email protected]>
* update openapi file
--------- Co-authored-by: Keegan Caruso <[email protected]> Co-authored-by: Jean-Marc Prieur <[email protected]>
* Add windows container (#3516) Co-authored-by: Keegan Caruso <[email protected]>
* Sidecar python adapter devapp (#3508)
* Python adapter
* feedback
--------- Co-authored-by: Keegan Caruso <[email protected]>
* Add readme (#3517)
* Add readme
* Move runtime composition details in README move runtime composition section
--------- Co-authored-by: Keegan Caruso <[email protected]>
* Make the sidecar trim friendlier (#3518) Co-authored-by: Keegan Caruso <[email protected]>
* Update python adapter (#3519) Co-authored-by: Keegan Caruso <[email protected]>
* Don't use R2R (#3523) Co-authored-by: Keegan Caruso <[email protected]>
* Exclude EndpointsE2ETests when ran from GH action
* include FROM_GITHUB_ACTION in sidecar tests
* Use in-memory config for sidecar e2e test
* Apply suggestions from code review Co-authored-by: Jean-Marc Prieur <[email protected]>
* Move SidecarApiFactory to separate file
* Also needs test filter
--------- Co-authored-by: Keegan Caruso <[email protected]> Co-authored-by: Jean-Marc Prieur <[email protected]>
Sidecar improvements