Skip to content
This repository was archived by the owner on Nov 20, 2018. It is now read-only.

[Prototype] Add multitenant version of dynamic schemes sample #44

Closed
wants to merge 8 commits into from
Closed

[Prototype] Add multitenant version of dynamic schemes sample #44

wants to merge 8 commits into from

Conversation

HaoK
Copy link
Member

@HaoK HaoK commented May 2, 2018
edited
Loading

So early cut of the multi-tenant + auth options sample.

I took the existing dynamic schemes samples and made it work for different tenants, I just used a lame
?tenant=id query string to simulate different tenants.

The sample has adds these services:

            // Just returns the tenant id
            services.AddSingleton<TenantResolver>();

            // Basically adds a layer of tenant to named options dictionary
            services.AddSingleton<IOptionsMonitor<SimpleOptions>, TenantOptionsMonitor>();

            // These are needed to be able to add/remove schemes and also update their options
            services.AddSingleton<IAuthenticationSchemeProvider, TenantSchemeResolver>();
            services.AddSingleton<TenantOptionsCache>();

The result is each tenant has its own set of authentication schemes and options configurations, and can be updated dynamically using /?tenant=id

Thoughts @Tratcher @davidfowl @blowdart

blowdart
blowdart reviewed May 2, 2018
View reviewed changes
samples/Options.MultiTenant/TenantResolver.cs

namespace AuthSamples.Options.MultiTenant
{
public class TenantResolver
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Interface rather than class? That way we could push a database into it, so people can map from config in a database

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So this isn't something we are shipping, this is just a sample, so there's not really much upside for an interface in the sample when they would just modify this to take any dependencies needed, if they wanted it to use a DbContext, they could just make it Scoped, although that would affect the lifetimes of the other things too

@Tratcher Tratcher mentioned this pull request May 2, 2018
Closed
Tratcher
Tratcher reviewed May 3, 2018
View reviewed changes
Copy link
Member

@Tratcher Tratcher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks promising. It's hard to call this a supported scenario when you have to implement this many types.

samples/Options.MultiTenant/README.md Outdated
3. You can also update any of the scheme options message via the add/update form.

Index.cshtml and Controllers/AuthController.cs are the most interesting classes in the sample,
as they demonstrate how to add/remove schemes and update the corresponding named options dynamically.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also TenantSchemeResolver and company

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah i still need to update the readmes

samples/Options.MultiTenant/TenantSchemeResolver.cs
=> Task.FromResult<IEnumerable<AuthenticationScheme>>(GetMap(_resolver.ResolveTenant()).Values);

public Task<AuthenticationScheme> GetDefaultAuthenticateSchemeAsync()
=> null;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why aren't these needed?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This sample doesn't actually do auth, the pages just list the schemes and their creds. Its just demonstrating how you configure different schemes in different tenants, its not functionally using auth.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hence its Options.Multitenant as opposed to Auth.Multitenant

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But basically this implementation doesn't support defaults, which makes sense since they hang off the singleton AuthenticationOptions anyways

@HaoK
Copy link
Member Author

HaoK commented May 3, 2018

But yeah this certainly isn't 'easy', but its doable via extensibility (not sure what the definition of 'supported' is)

@HaoK
Copy link
Member Author

HaoK commented May 9, 2018

Any major concerns with this sample? If not I'll add some tests and call it good enough for now

@Tratcher
Copy link
Member

Tratcher commented May 9, 2018

No, go ahead.

@Tratcher Tratcher mentioned this pull request May 15, 2018
Closed
@HaoK HaoK mentioned this pull request Jun 21, 2018
Closed
@natemcmaster natemcmaster changed the base branch from dev to master July 2, 2018 17:44
@Tratcher
Copy link
Member

Rebase? you picked up a lot of extra commits.

@natemcmaster
Copy link
Contributor

This repo is about to be archived. AuthSamples are now part of aspnet/AspNetCore.

cref dotnet/aspnetcore#4088

This was referenced Jan 3, 2019
Closed
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@blowdart blowdart blowdart left review comments

@Tratcher Tratcher Tratcher left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@HaoK @Tratcher @natemcmaster @blowdart