Authorization Header and downstream API endpoint updates #3507
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jmprieur
approved these changes
Sep 30, 2025
Collaborator
jmprieur
left a comment
jmprieur
left a comment
There was a problem hiding this comment.
LGTM
a left a few things to change (remove b2c, and, in the examples/description tenant can't be common). Otherwise it looks awesome to me
| AddAcquireTokenOption(op, "Tenant", "Override tenant (GUID or 'common')."); | ||
| AddAcquireTokenOption(op, "UserFlow", "B2C user flow (if applicable)."); | ||
| AddAcquireTokenOption(op, "ForceRefresh", "boolean", "true = bypass token cache."); | ||
| AddAcquireTokenOption(op, "AuthenticationOptionsName", "Named authentication configuration to use."); |
Collaborator
There was a problem hiding this comment.
This supposes that we read other sections than "AzureAd". A bit like what Mise foundation does.
Contributor
Author
There was a problem hiding this comment.
Fair, not particularly relevant here
src/Microsoft.Identity.Web.Sidecar/Models/BindableDownstreamApiOptions.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Identity.Web.Sidecar/Endpoints/AuthorizationHeaderEndpoint.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Identity.Web.Sidecar/Endpoints/AuthorizationHeaderEndpoint.cs
Show resolved
Hide resolved
src/Microsoft.Identity.Web.Sidecar/Endpoints/DownstreamApiEndpoint.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Identity.Web.Sidecar/Models/BindableDownstreamApiOptions.cs
Show resolved
Hide resolved
src/Microsoft.Identity.Web.Sidecar/OpenAPI/Microsoft.Identity.Web.Sidecar.json
Outdated
Show resolved
Hide resolved
added 2 commits
September 30, 2025 15:56
keegan-caruso
force-pushed
the
kecaruso/sidecar-consistent-model-binding
branch
from
23b849b to
a4e3445
Compare
keegan-caruso
added a commit
that referenced
this pull request
Oct 1, 2025
* Authorization Header and downstream API endpoints updates * Fix open api generation --------- Co-authored-by: Keegan Caruso <[email protected]>
keegan-caruso
added a commit
that referenced
this pull request
Oct 4, 2025
* Authorization Header and downstream API endpoints updates * Fix open api generation --------- Co-authored-by: Keegan Caruso <[email protected]>
keegan-caruso
added a commit
that referenced
this pull request
Oct 7, 2025
* initial commit * Refactor, add basic error handling * Adding E2E test (#3476) * Add authorization header endpoint, minor cleanup * more end to end tests for sidecar (#3477) * Adding E2E test * Improving the tests * Fix name * Apply suggestion from @keegan-caruso Co-authored-by: Keegan <[email protected]> --------- Co-authored-by: Keegan <[email protected]> * Add more tests * Improvements (#3478) * Fix model bindng (#3479) Other cleanup and improvements Co-authored-by: Keegan Caruso <[email protected]> * Update tests to new behavior + 401 on AuthorizationHeader when we are sure it's an auth issue (#3480) * Improvements * fix tests with new behavior * Apply suggestion from @keegan-caruso Co-authored-by: Keegan <[email protected]> * Apply Keegan's suggestion --------- Co-authored-by: Keegan <[email protected]> * add downstream api (#3483) * add downstream api --------- Co-authored-by: Keegan Caruso <[email protected]> * Enable container workflow (#3496) * containerization * Enable container workflows --------- Co-authored-by: Jean-Marc Prieur <[email protected]> Co-authored-by: Keegan Caruso <[email protected]> * Add more e2e tests (#3504) Co-authored-by: Keegan Caruso <[email protected]> * Authorization Header and downstream API endpoint updates (#3507) * Authorization Header and downstream API endpoints updates * Fix open api generation --------- Co-authored-by: Keegan Caruso <[email protected]> * Sidecar endpoint descriptions (#3510) * Add more descriptions to open api document * Adjust for open api doc generation --------- Co-authored-by: Keegan Caruso <[email protected]> * Current implementation of Open API description generation is not trim friendly * Add agentuserid to list of params (#3514) * Add agentuser id to list of params * Apply suggestion from @jmprieur Co-authored-by: Jean-Marc Prieur <[email protected]> * Apply suggestion from @jmprieur Co-authored-by: Jean-Marc Prieur <[email protected]> * update openapi file --------- Co-authored-by: Keegan Caruso <[email protected]> Co-authored-by: Jean-Marc Prieur <[email protected]> * Add windows container (#3516) Co-authored-by: Keegan Caruso <[email protected]> * Sidecar python adapter devapp (#3508) * Python adapter * feedback --------- Co-authored-by: Keegan Caruso <[email protected]> * Add readme (#3517) * Add readme * Move runtime composition details in README move runtime composition section --------- Co-authored-by: Keegan Caruso <[email protected]> * Make the sidecar trim friendlier (#3518) Co-authored-by: Keegan Caruso <[email protected]> * Update python adapter (#3519) Co-authored-by: Keegan Caruso <[email protected]> * Don't use R2R (#3523) Co-authored-by: Keegan Caruso <[email protected]> * Exclude EndpointsE2ETests when ran from GH action * include FROM_GITHUB_ACTION in sidecar tests * Use in-memory config for sidecar e2e test * Apply suggestions from code review Co-authored-by: Jean-Marc Prieur <[email protected]> * Move SidecarApiFactory to separate file * Also needs test filter --------- Co-authored-by: Keegan Caruso <[email protected]> Co-authored-by: Jean-Marc Prieur <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Authorization Header and downstream API endpoint updates
Summary of the changes (Less than 80 chars)
Description