Azure-Samples / azure-search-openai-demo

A sample app for the Retrieval-Augmented Generation pattern running in Azure, using Azure AI Search for retrieval and Azure OpenAI large language models to power ChatGPT-style and Q&A experiences.
https://azure.microsoft.com/products/search
MIT License
6.14k stars 4.18k forks

Securing Content document path in inframe #813

Open sumit4aug opened 1 year ago

sumit4aug commented 1 year ago

Minimal steps to reproduce

How can the citation link be secured? We've already implemented MSAL-based SSO authentication with Azure AAD, but it's still not working.

pamelafox commented 1 year ago

Which approach did you use for AAD? Did you follow https://github.com/Azure-Samples/azure-search-openai-demo/blob/main/LoginAndAclSetup.md or use a different approach?

If you followed that guide, then I think the content_file function should check get_auth_claims as well.

If you used a different approach, then the content_file function will need to check the auth headers somehow. We have another sample app here that checks auth in Python routes: https://github.com/Azure-Samples/ms-identity-python-webapp/blob/main/app.py
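The kind of check suggested above for the content route, as an added example that is not part of the thread or the project's code: it authenticates the caller and then applies a per-document ACL before a file name is released for serving. `claims_from_headers` is a hypothetical stand-in for the app's claim extraction, and the token table and ACL layout are constructed sample data.

```python
import posixpath

class AuthError(Exception):
    """Carries the HTTP status the route should return."""
    def __init__(self, status, message):
        super().__init__(message)
        self.status = status

# Constructed sample data. In a real app the claims come from a validated
# AAD token (signature, issuer, audience, expiry checked), not a lookup table.
SAMPLE_TOKENS = {
    "token-alice": {"oid": "oid-alice", "groups": ["grp-hr"]},
    "token-bob": {"oid": "oid-bob", "groups": []},
}
# Hypothetical per-document ACLs: which object ids / groups may read each file.
SAMPLE_ACLS = {
    "benefits.pdf": {"oids": [], "groups": ["grp-hr"]},
    "bob-review.pdf": {"oids": ["oid-bob"], "groups": []},
}

def claims_from_headers(headers):
    """Hypothetical stand-in for claim extraction: returns claims or raises 401."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or token not in SAMPLE_TOKENS:
        raise AuthError(401, "missing or invalid bearer token")
    return SAMPLE_TOKENS[token]

def authorize_content_file(path, headers, acls=SAMPLE_ACLS):
    """Return the file name to serve, or raise AuthError. Deny by default."""
    # Only a bare file name is accepted, so "../" cannot escape the content store.
    if not path or path in (".", "..") or "\\" in path or posixpath.basename(path) != path:
        raise AuthError(400, "invalid path")
    claims = claims_from_headers(headers)  # authenticate before touching storage
    acl = acls.get(path, {"oids": [], "groups": []})  # unknown file: empty ACL
    allowed = claims["oid"] in acl["oids"] or bool(set(claims["groups"]) & set(acl["groups"]))
    if not allowed:
        # Same answer for "not yours" and "does not exist": no enumeration oracle.
        raise AuthError(403, "not authorized for this document")
    return path

def status_for(path, headers):
    """What the route would answer: 200 if the file may be served."""
    try:
        authorize_content_file(path, headers)
        return 200
    except AuthError as err:
        return err.status
```

A plain `<iframe src>` request carries no `Authorization` header, so with a guard like this the front end has to fetch the file with the token itself before displaying it.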

pamelafox commented 1 year ago

cc @mattmsft since this is ACL related

github-actions[bot] commented 10 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this issue will be closed.