Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Exclude certain controllers? #86

Open
chambersDon opened this issue Jul 10, 2020 · 1 comment
Open

Exclude certain controllers? #86

chambersDon opened this issue Jul 10, 2020 · 1 comment
Labels
design-required Requires API design and planning before this can be added. under consideration

Comments

@chambersDon
Copy link

I set EnforceHeader=true, to require the client to add the correlationID header. I need to exclude some of the controllers. I have a health check endpoint and swagger documents endpoint that should not require a correlationID. Is this possible?

@stevejgordon
Copy link
Owner

Hi @chambersDon,

Thanks for raising this suggestion. With the current design, it's not available in the package. To implement this, I think the middleware would need to be made "Endpoint aware" so that when it runs, it knows which Endpoint will handle the request. This is technically possible if the middleware where to be registered after UseRouting() in the pipeline. An attribute could then be used to mark Endpoints with metadata to avoid the correlation ID from being enforced on those requests. The main downside is that for this to function, it may require consumers to call UseRouting earlier than they would normally. Often we want to grab the correlation ID right at the start of the request so the correlation ID is registered as the first middleware in the pipeline.

I'll put this into under consideration as I can see the requirement. As I type this, I can think of a few designs which may be a nice way to enable this where it is needed.

Right now, I think the best option is not to enforce this using the library with EnforceHeader = true. Instead, you could add you own piece of middleware to selectively check for the correlation ID when you deem that it is required for the Endpoint in question. Alternatively, since you likely only want the enforce to happen inside MVC, you could write a global ActionFilter and apply the check there, such that you reject any requests without the correlation ID which are routed to an MVC Action.

@stevejgordon stevejgordon added the design-required Requires API design and planning before this can be added. label Jul 14, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
design-required Requires API design and planning before this can be added. under consideration
Projects
None yet
Development

No branches or pull requests

2 participants