Add default-off rule that denies login for maintenance #175
Conversation
If this has enabled = false, will it not actually be in play?
Correct, so when needed, you flip it on, do your stuff, flip it off (or it will be flipped off by CI after rules have been merged, and thus it does not need to be active anyway).
What do you think about moving more toward how firewall rules work, where a positive indicator is needed to pass through the rules? So for example, right now, where we check to see if the client_id is one that we know the Auth0 rules need to do authorization checks for (because the RP doesn't have the capability), what if, in that client_id check, when we find that the client_id does not need our help, we set a "yes, this user should be allowed to log in" flag which gets us out of the rule processing flow? This way, just like with firewall rules, we can leave the 999 rule enabled, and then when we make a mistake in the rules (related to their order, a bug in a rule, etc.) the default behavior is not to allow the user to log in, but instead to bar the user from logging in.
While this sounds good in theory, we're limited by how Auth0 is implemented, and I would be careful when implementing this as there is no state guaranteed for volatile data between rules, f.e.:
The advantage of the current rule is that it's basically not state dependent. I propose we just ask Auth0 what they think of this and what their recommendation is.
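The two designs discussed in this thread, as an added example that is not part of the PR or the project's own rules: a constructed JavaScript model of an Auth0-style rule chain showing the default-off maintenance rule, the proposed fail-closed "allow flag" variant, and what happens to that variant when state is not carried between rules. The rule and function names, the client IDs, and the use of 'maintenancemode' as the error message are assumptions.

```javascript
// Constructed model of an Auth0-style rule chain (example code, not the project's rules).
// Rules use the Auth0 rule signature (user, context, callback): callback(err) denies the
// login, callback(null, user, context) passes control to the next rule.

// The PR's default-off maintenance rule: a no-op when disabled; when enabled it denies every
// login. Using 'maintenancemode' as the error message is assumed from the PR description.
function maintenanceRule(enabled) {
  return (user, context, callback) => {
    if (!enabled) return callback(null, user, context);
    return callback(new Error('maintenancemode'));
  };
}

// The fail-closed proposal from the thread: the client check sets a positive "allow"
// indicator for clients that need no further authorization, and a last rule denies
// unless that indicator is present (like a firewall with a default DROP policy).
function clientCheckRule(clientsNeedingAuthz) {
  return (user, context, callback) => {
    if (!clientsNeedingAuthz.includes(context.clientID)) {
      context.allowLogin = true; // explicit positive indicator, like a firewall ACCEPT
    }
    return callback(null, user, context);
  };
}

function defaultDenyRule(user, context, callback) {
  if (context.allowLogin === true) return callback(null, user, context);
  return callback(new Error('denied-by-default'));
}

// Runs rules in order and returns { allowed, reason }. With persistState = false each rule
// gets a fresh copy of the original context, modelling the caveat raised above that Auth0
// does not guarantee volatile state between rules: the allow flag is lost and the chain
// fails closed (a legitimate login is denied) rather than open.
function runRules(rules, user, context, persistState = true) {
  let ctx = { ...context };
  for (const rule of rules) {
    const input = persistState ? ctx : { ...context };
    let denied = null;
    rule(user, input, (err, u, c) => {
      if (err) denied = { allowed: false, reason: err.message };
      else if (persistState && c) ctx = c;
    });
    if (denied) return denied;
  }
  return { allowed: true, reason: 'end-of-chain' };
}

// Constructed sample data: 'rp-needs-help' relies on the rules for authorization, 'rp-self' does not.
const AUTHZ_CLIENTS = ['rp-needs-help'];
const USER = { email: 'alice@example.test' }; // constructed user
```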
Bundling this in #183
Add default-off rule that denies login for maintenance. Order is 999.
Only use this when required as it forbids ALL logins.
NOTE: This introduces a new message 'maintenancemode' which needs to also
be present on the SSO dashboard (it works without, but looks prettier
with it).
Fixes #174