@@ -83,7 +83,33 @@ public async Task<DevTunnelStatus> CreateTunnelAsync(string tunnelId, DevTunnelO
8383 if ( exitCode == 0 && tunnel is not null )
8484 {
8585 logger ? . LogTrace ( "Dev tunnel '{TunnelId}' updated successfully." , tunnelId ) ;
86- return tunnel ;
86+
87+ // Ensure tunnel access controls are set as specified in options by resetting existing policies first.
88+ // Ports get deleted and recreated separately, so we only need to reset access on the tunnel itself here.
89+ logger ? . LogTrace ( "Clearing access policies for dev tunnel '{TunnelId}'." , tunnelId ) ;
90+ ( var accessStatus , exitCode , error ) = await CallCliAsJsonAsync < DevTunnelAccessStatus > (
91+ ( stdout , stderr , log , ct ) => _cli . ResetAccessAsync ( tunnelId , portNumber : null , stdout , stderr , log , ct ) ,
92+ logger , cancellationToken ) . ConfigureAwait ( false ) ;
93+ if ( exitCode == 0 && accessStatus is { AccessControlEntries : [ ] } )
94+ {
95+ logger ? . LogTrace ( "Dev tunnel '{TunnelId}' access policies cleared successfully." , tunnelId ) ;
96+ if ( options . AllowAnonymous )
97+ {
98+ // Set anonymous access as specified
99+ logger ? . LogTrace ( "Allowing anonymous access for dev tunnel '{TunnelId}'." , tunnelId ) ;
100+ ( accessStatus , exitCode , error ) = await CallCliAsJsonAsync < DevTunnelAccessStatus > (
101+ ( stdout , stderr , log , ct ) => _cli . CreateAccessAsync ( tunnelId , portNumber : null , anonymous : true , deny : false , stdout , stderr , log , ct ) ,
102+ logger , cancellationToken ) . ConfigureAwait ( false ) ;
103+ if ( exitCode == 0 && accessStatus is not null )
104+ {
105+ logger ? . LogTrace ( "Dev tunnel '{TunnelId}' anonymous access set successfully." , tunnelId ) ;
106+ }
107+ }
108+ if ( exitCode == 0 && accessStatus is not null )
109+ {
110+ return tunnel ;
111+ }
112+ }
87113 }
88114 }
89115
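Review bot: The failure branches in this block are silent: when `ResetAccessAsync` exits non-zero or returns a non-empty `AccessControlEntries`, or when `CreateAccessAsync` fails, nothing is logged and control falls past `return tunnel;` into code outside the hunk. The tunnel update has already succeeded by then, so the tunnel may keep its previous access entries (possibly an earlier anonymous grant) even when `options.AllowAnonymous` is false; whatever follows the fall-through should therefore end in a reported failure, which cannot be confirmed from the lines shown. I would add an `else` to the reset check with `logger?.LogWarning("Failed to clear access policies for dev tunnel '{TunnelId}': {Error}", tunnelId, error);` and the same after the create call. The anonymous grant is logged only at Trace, so raising `"Allowing anonymous access for dev tunnel '{TunnelId}'."` to `LogInformation` would make opening a tunnel to unauthenticated callers visible in default logs. The check after create only tests `accessStatus is not null`, while the reset check inspects the returned entries, so it may be worth verifying that the anonymous entry is actually present before treating the update as successful.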