I’ve got a shiny app inside azure app service using Azure’s EasyAuth. I can successfully authenticate to open a page. However, I’d like to get the user information which isn’t automatic since Shiny strips headers without buying the full pro edition.
I can think of a few high level potential work arounds but I’m not sure how well, if at all, any of these would work without trying to fully implement each.
Put an nginx or apache reverse proxy in front of Shiny that would rewrite headers to query parameters which could then be accessed as
session[['clientData']]$url_searchPro: I’m pretty sure this would work. Con: I think people could spoof who they are by just changing the query in their address and also they’d see their name appended to the url which would make copy-paste a pain. This isn’t a deal breaker because it’s just for convenience, not security, everyone has access to everything anyway (at least for now)
Access the secure&HTTPonly AppServiceAuthSession cookie from the server and then
httr::GETmyurl.com/.auth/me using that cookie to get a concise json of who the user is. Pro: If it’s possible then I don’t have to reconfigure my Docker image like in #1 Cons: It doesn’t seem I can readily get the cookie into the shiny so this may not really be a potential
Have the client brower access myurl.com/.auth/me through a js script and return those results to shiny server. Pro: Like 2, wouldn’t require reconfiguring my app service. Con: Don’t know if possible but it’s the same domain so I think it is.
It’d be most helpful if 2 and 3 could either be quickly implemented or 100% ruled out. If there’s a 4th option that I hadn’t thought of then that would be welcome too.