Closed vvdb-architecture closed 3 months ago
[!IMPORTANT]
Review skipped
Auto reviews are disabled on base/target branches other than the default branch.
Please check the settings in the CodeRabbit UI or the
.coderabbit.yaml
file in this repository. To trigger a single review, invoke the@coderabbitai review
command.You can disable this status message by setting the
reviews.review_status
tofalse
in the CodeRabbit configuration file.
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
Sometimes, we nee to make authenticated calls outside a http context. Examples include Hangfire jobs and parallel tasks that endure long after the (authenticated) http call that triggered them finished.
For those scenarios,
IScopedServiceProviderAccessor
was introduced. But this requires changing the way the job or task is initialized, so that theIApplicationContext.Principal
is initialized and added properly.However, some scenarios only use authentication methods that do not require a properly initialized
IApplicationContext.Principal
, like client secrets. In this case,IApplicationContext
is not needed and can remain null (since we're outside a http context).Unfortunately, this will give problems with the current implementation of
JwtHttpHandler
: an exception will be thrown because theIScopedServiceProviderAccessor
is not initialized correctly.When merging this PR:
JwtHttpHandler
will work for client secret authentication even ifIScopedServiceProviderAccessor
is not initialized correctly. This greatly simplifies migration scenariosToLowerInvariant
ornew string[]
allocations)