Skip to content

Add authentication validation to the JSON schema #2646

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 18 commits into
base: main
Choose a base branch
from
Open

Add authentication validation to the JSON schema #2646

wants to merge 18 commits into from
+305 −95

Conversation

sander1095
Copy link
Contributor

@sander1095 sander1095 commented Apr 9, 2025
edited
Loading

Why make this change?

Closes #2643

The JSON schema does not contain a list of auth providers, nor does it validate the use of the jwt property. This results in a suboptimal developer experience. By adding this list and validation, developers have an easier time learning about all the options and can be more productive.

What is this change?

  • This change modifies the JSON schema with a list of providers and validation of the providers and the jwt property.StackOverflow helped me with the finer details of the validation.
    • I also added tests to validate my changes.
  • Migrate from NJsonSchema to JsonSchemaNet because NJsonSchema doesn't validate anyof + const correctly. JsonSchemaNet does support this
  • Changed https to http in the schema file to be spec compliant. Draft-07's original URL is http-based.
    • If you try to validate a document with the https url, it will fail because of the unknown schema URL.
    • This does not impact security. The schema should just be a placeholder for the json validator binary to know what rules to use, and it's redirected to https when you navigate to it, anyway.

How was this tested?

  • Integration Tests
  • Unit Tests

Sample Request(s)

image

image

image

@sander1095 sander1095 mentioned this pull request Apr 9, 2025
Open
@RubenCerna2079
Copy link
Contributor

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 6 pipeline(s).

Aniruddh25
Aniruddh25 approved these changes Apr 13, 2025
View reviewed changes
Copy link
Contributor

@Aniruddh25 Aniruddh25 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks for adding this validation and improving developer experience.

@sander1095
Copy link
Contributor Author

@Aniruddh25 I've processed your comments.

I took a look at the failures of the CI pipeline of the last commits. They seem to be unrelated to my changes: The task has failed because you are using Ubuntu 24.04 or later without mono installed. See https://aka.ms/nuget-task-mono for more information..

Let's hope that a re-run will make them go green!

@sander1095 sander1095 requested a review from Aniruddh25 April 14, 2025 14:33
@sander1095
Copy link
Contributor Author

@RubenCerna2079 Could you perform a re-run on this PR :)

@Aniruddh25
Copy link
Contributor

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 6 pipeline(s).

@sander1095
Copy link
Contributor Author

I see I broke some config tests. I'll hopefully have time to look into this next week!

@RubenCerna2079
Copy link
Contributor

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 6 pipeline(s).

@sander1095
Copy link
Contributor Author

Hi! I sadly haven't been able to work on this issue this week. I'll be moving house during the next few weeks. I probably won't have time to look until this until the end of May/beginning of June.

If the team wants this merged, I'll sadly have to ask them to fix these tests. Otherwise I will fix them when I have time.

@Aniruddh25 @RubenCerna2079

@Aniruddh25
Copy link
Contributor

@sander1095 thank you for your update. This PR can wait when you get more time to work on it. We appreciate your contributions and look forward to when you have updates on this.

RubenCerna2079
RubenCerna2079 approved these changes May 9, 2025
View reviewed changes
Copy link
Contributor

@RubenCerna2079 RubenCerna2079 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! I really like the way the test is made, very clever.

@Aniruddh25
Copy link
Contributor

/azp run

@azure-pipelines Azure Pipelines
Copy link

Azure Pipelines successfully started running 6 pipeline(s).

@sander1095
Copy link
Contributor Author

sander1095 commented May 15, 2025
edited
Loading

Hi @Aniruddh25 and @RubenCerna2079 !

I've found some to look into this PR. I've updated it. The failed unit tests now run correctly on my machine!

There's 1 impactful change you should be aware of: I decided to move away from NJsonSchema and use JsonSchemaNet instead. The former doesn't validate oneof + const correctly, which we use for letting the user decide a specific auth provider. JsonSchemaNet DOES support this. If you disagree with this change, we could stay on NJsonSchema and use anyof + const instead, but this is "less" correct as it would indicate multiple auth providers should be supported, which is not the case..

I think it's worth a try to run the pipelines again and see the results!

If the integration fail again, please post the stacktraces. I can't access them as I get a 403 error when trying to see more details in Azure Pipelines.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Aniruddh25 Aniruddh25 Aniruddh25 approved these changes

@RubenCerna2079 RubenCerna2079 RubenCerna2079 approved these changes

@aaronburtle aaronburtle Awaiting requested review from aaronburtle aaronburtle is a code owner

@ravishetye ravishetye Awaiting requested review from ravishetye ravishetye is a code owner

@rohkhann rohkhann Awaiting requested review from rohkhann

@neeraj-sharma2592 neeraj-sharma2592 Awaiting requested review from neeraj-sharma2592 neeraj-sharma2592 is a code owner

@sourabh1007 sourabh1007 Awaiting requested review from sourabh1007 sourabh1007 is a code owner

@sezal98 sezal98 Awaiting requested review from sezal98 sezal98 is a code owner

@souvikghosh04 souvikghosh04 Awaiting requested review from souvikghosh04 souvikghosh04 is a code owner

@vadeveka vadeveka Awaiting requested review from vadeveka vadeveka is a code owner

@Alekhya-Polavarapu Alekhya-Polavarapu Awaiting requested review from Alekhya-Polavarapu Alekhya-Polavarapu is a code owner

@rusamant rusamant Awaiting requested review from rusamant rusamant is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add Authentication providers to JSON schema for autocomplete and validation
3 participants
@sander1095 @RubenCerna2079 @Aniruddh25