Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🥕⭐ [Enhancement]: Add authentication.provider synonyms. #2407

Open
3 tasks
JerryNixon opened this issue Oct 4, 2024 · 6 comments · May be fixed by #2610
Open
3 tasks

🥕⭐ [Enhancement]: Add authentication.provider synonyms. #2407

JerryNixon opened this issue Oct 4, 2024 · 6 comments · May be fixed by #2610

Comments

@JerryNixon
Copy link
Contributor

JerryNixon commented Oct 4, 2024
edited
Loading

Update runtime.host.authentication.provider with synonyms for future planning.

These are already accounted for in the application_name specification.

Values

Current New Synonyms
StaticWebApp None
AppService
AzureAd EntraId, OAuth
Simulator

Tasks

  • Create synonyms
  • Ensure application_name compatibility
  • Update documentation

None

Some Data API implementations don't require any security at all. There is no option for None, although StaticWebApp handles this in most cases. The truth is, this is slightly more like Simulator except it behaves the opposite—Simulator treats everything as authenticated but none will treat everything as anonymous.

EntraId

Azure Active Directory was renamed to Microsoft Entra Identity. We will retain the previous AzureAd moniker for backward compatibility, but it will be marked as deprecated in the documentation once this synonym is available.

OAuth

Currently, AzureAd is just a simple OAuth implementation, and any custom JWT implementation can use it to handle claims. However, it’s far from ideal to make customers choose AzureAd or EntraId when their underlying authentication technology is not from Microsoft. This also opens up a future direction should we need to handle special cases with EntraId.
@abhishekkumams
Copy link
Contributor

Introducing synonyms like EntraId and OAuth definitly provides flexibility, also it sounds more intuitive.

Some Questions:

  1. @seantleonard , what complexities does it add in the underlying implementation?
  2. do we plan to completely deprecate AzureAd in future?
  3. Can you add some more explaination on None being similar to Simulator but treated as authenticated?

@JerryNixon
Copy link
Contributor Author

JerryNixon commented Oct 7, 2024
edited
Loading

Do we plan to completely deprecate AzureAd in future?

Deprecate? Yes. Remove? Probably not. @abhishekkumams

Can you add some more explanation?

Typo corrected: none will treat everything as anonymous.

@JerryNixon
Copy link
Contributor Author

JerryNixon commented Oct 7, 2024
edited
Loading

Should permissions:* be optional in an entity? Or at least defaulted?

@sezal98 sezal98 mentioned this issue Nov 18, 2024
Merged
2 tasks
@JerryNixon
Copy link
Contributor Author

  1. do we plan to completely deprecate AzureAd in future?

I think dab validate could flag it with a warning. I'll remove it from the docs.

@JerryNixon JerryNixon changed the title ⭐ [Enhancement]: Add authentication.provider synonyms. 🥕⭐ [Enhancement]: Add authentication.provider synonyms. Feb 11, 2025
@JerryNixon JerryNixon mentioned this issue Feb 12, 2025
Closed
@JerryNixon
Copy link
Contributor Author

Changes in the configuration file require several steps:

  1. Add property to configuration file (C#)
  2. Update Hot Reload to support new property
  3. Add new property to dab configure CLI
  4. Add new property to dab validate CLI
  5. Add new property to JSON schema
  6. Add new property constraint(s) to config JSON schema
  7. Update DAB documentation with new property
  8. Update DAB documentation with new property CLI
  9. Add Unit Tests, Integration Tests

Sorry, something went wrong.

@sander1095
Copy link

I'll have a look at implementing this, probably next week!

@sander1095 sander1095 linked a pull request Mar 3, 2025 that will close this issue
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add None and OAuth synonyms sander1095/data-api-builder
3 participants
@JerryNixon @sander1095 @abhishekkumams