Request.ifAuthenticatedInRole results in a null-reference error when the user is not authenticated. #159

@bkrug

I am running into the same issue as aghouton: https://github.com/orgs/falcoframework/discussions/148

  • Expected: When a user has a required role, Request.ifAuthenticatedInRole runs the supplied httpHandler
  • Expected: When an authenticated user does not have a required role, Request.ifAuthenticatedInRole does not run the supplied httpHandler
  • Not Expected: When a user is not authenticated, Request.ifAuthenticatedInRole throws an exception.

I have reproduced the issue here: https://github.com/bkrug/expose-falco-role-authorization-bug

On my local PC, I have cloned the Falco repo and written the following test.
I have also written code to make the test pass.
I would be willing to push a branch and create a pull request, or to share my branch in any other way.

[<Fact>]
let ``Request.ifAuthenticatedInRole should block non-authenticated users`` () =
    let ctx = getHttpContextWriteable false

    let mutable visited = false

    let handle : HttpHandler = fun ctx ->
        visited <- true
        Response.ofEmpty ctx

    task {
        do! Request.ifAuthenticatedInRole AuthScheme ["admin2"] handle ctx
        visited |> should equal false
    }
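
A fail-closed ordering for the three cases listed in this issue, as an added example (not Falco's code and not the reporter's fix): authentication is tested before any role lookup, because ASP.NET Core's `AuthenticateResult.Principal` is null when authentication does not succeed. `AccessDecision`, `decide` and `withRoles` are hypothetical names, and the sample principals are constructed.

```fsharp
open System.Security.Claims

// Hypothetical names for this example; not part of Falco's API.
type AccessDecision =
    | Allow      // authenticated and in at least one required role
    | Forbid     // authenticated, but in none of the required roles
    | Challenge  // not authenticated: the handler must not run

/// Decide access without dereferencing a missing principal.
let decide (roles: string list) (principal: ClaimsPrincipal) : AccessDecision =
    if isNull principal then
        Challenge
    else
        let identity = principal.Identity
        if isNull identity || not identity.IsAuthenticated then Challenge
        elif roles |> List.exists principal.IsInRole then Allow
        else Forbid

// Constructed sample principals.
let withRoles (roles: string list) =
    let claims = roles |> Seq.map (fun r -> Claim(ClaimTypes.Role, r))
    // A non-empty authentication type makes IsAuthenticated true.
    ClaimsPrincipal(ClaimsIdentity(claims, "Cookies"))

let anonymous = ClaimsPrincipal(ClaimsIdentity())   // IsAuthenticated = false
let missing : ClaimsPrincipal = null                // authentication did not succeed

let required = [ "admin2" ]

let cases =
    [ "admin2 user", withRoles [ "admin2" ]
      "other role", withRoles [ "reader" ]
      "anonymous", anonymous
      "no principal", missing ]

for name, principal in cases do
    printfn "%-12s -> %A" name (decide required principal)
```

Only the `Allow` branch should reach the protected handler; a unit test like the one above then needs to cover both the anonymous identity and the null principal.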
