You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In #4374 the request authentication was refactored but this solution is still not very clean.
Before that PR the authentication logic had many implicit behaviors e.g. unauthenticated requests were still forwarded and reva has it's own authentication handler which is why this worked.
But the clean way would be to explicitly handle the authentication in the proxy service and only forward the requests when they were successfully authenticated or when the request is made to "unprotected" paths.
One way to do that would be to add an "unprotected" flag to the proxy routes. Then we would need to route the request before invoking the authentication middleware so that we get the extra information into the context.
The text was updated successfully, but these errors were encountered:
In #4374 the request authentication was refactored but this solution is still not very clean.
Before that PR the authentication logic had many implicit behaviors e.g. unauthenticated requests were still forwarded and reva has it's own authentication handler which is why this worked.
But the clean way would be to explicitly handle the authentication in the proxy service and only forward the requests when they were successfully authenticated or when the request is made to "unprotected" paths.
One way to do that would be to add an "unprotected" flag to the proxy routes. Then we would need to route the request before invoking the authentication middleware so that we get the extra information into the context.
The text was updated successfully, but these errors were encountered: