I’ve got a shiny app inside azure app service using Azure’s EasyAuth. I can successfully authenticate to open a page. However, I’d like to get the user information which isn’t automatic since Shiny strips headers without buying the full pro edition.
I can think of a few high level potential work arounds but I’m not sure how well, if at all, any of these would work without trying to fully implement each.
-
Put an nginx or apache reverse proxy in front of Shiny that would rewrite headers to query parameters which could then be accessed as
session[['clientData']]$url_searchPro: I’m pretty sure this would work. Con: I think people could spoof who they are by just changing the query in their address and also they’d see their name appended to the url which would make copy-paste a pain. This isn’t a deal breaker because it’s just for convenience, not security, everyone has access to everything anyway (at least for now) -
Access the secure&HTTPonly AppServiceAuthSession cookie from the server and then
httr::GETmyurl.com/.auth/me using that cookie to get a concise json of who the user is. Pro: If it’s possible then I don’t have to reconfigure my Docker image like in #1 Cons: It doesn’t seem I can readily get the cookie into the shiny so this may not really be a potential -
Have the client brower access myurl.com/.auth/me through a js script and return those results to shiny server. Pro: Like 2, wouldn’t require reconfiguring my app service. Con: Don’t know if possible but it’s the same domain so I think it is.
It’d be most helpful if 2 and 3 could either be quickly implemented or 100% ruled out. If there’s a 4th option that I hadn’t thought of then that would be welcome too.