-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature/eyqb 319 no public access #182
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Only relative path addresses are considered "local" URLs.
Secret values configurable.
New no-op "no challenge" filter if service access unchallenged.
Move Error endpoint to its own new unguarded controller.
Doc comments (point to no-op filter for public access). More tests.
Will come from pipeline. ...or can come from command line on dev machines.
Tf added variables for access challenge. Tf configure service on deployment for access challenge. Secret values will come from command line / pipeline.
…s' into feature/eyqb-319-no-public-access
…s' into feature/eyqb-319-no-public-access
sam-c-dfe
reviewed
Jun 13, 2024
sam-c-dfe
approved these changes
Jun 13, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
All endpoints except Error and Health guarded behind configurable secrets. Can be turned off altogether through configuration, which will be done only in production once the service has achieved Authority to Operate.
There is an opportunity to extract this functionality into a reusable Nuget package if it is deemed more generally useful.
Ticket number (if applicable)
EYQB-319
How Has This Been Tested?
All runs as expected locally. Lots of new unit tests too. All end-to-end tests and accessibility tests pass also on the GitHub PR check action.
Screenshots
If user has not entered the secret, any page redirects them to a challenge page:
Once an acceptable key has been submitted on this page, the site works as if all the pages are public.
Checklist: