Make it possible to disable authentication and authorization for only running the backend #1204
Labels
backend
Backend related functionality
improvement
Improvement to existing functionality
stale
This issue or pull request already exists
Comments
Christdej
added
backend
This was referenced Nov 21, 2023
|
This issue has automatically been marked as stale as there has been no activity for 60 days. |
|
Consider implementing / providing an openly available authentication provider with documentation for how to use it. In order for open source contributions to take place. |
10 tasks
|
This issue has automatically been marked as stale as there has been no activity for 60 days. |
|
This issue has automatically been marked as stale as there has been no activity for 60 days. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the improvement you would like to see
This will make it easier to run for people outside Equinor and easier to run in integration tests.
Make
builder.Services .AddAuthenticationConfigurable
Make
builder.Services.AddAuthorizationBuilder().AddFallbackPolicy( "RequireAuthenticatedUser", policy => policy.RequireAuthenticatedUser() );Configurable
Make
app.UseAuthentication(); app.UseAuthorization();Configurable
Investigate how the decorator
[Authorize(Roles = Role.Admin)]works when auth is disabledInvestigate how not having:
"AzureAd": { "TenantId": "3aa4a235-b6e2-48d5-9195-7fcf05b459b0", "Instance": "https://login.microsoftonline.com" },in the appsettings works.How will this improvement affect the current Threat Model?
If set up wrong can increase the risk of starting with app without authorization and that can give unwanted access to resources.
The text was updated successfully, but these errors were encountered: