@Mielek Mielek commented Nov 28, 2025

Closes #56, #184

This allows having a set of expressions and a set of constants which can be reused as policy parameters.

Limitations:

Reusable constants need to be defined as const.

Reusable expressions will not be inlined if used inside other expressions.

This PR does not touch on reusable methods for policy fragments.

Example:

Constants.cs

public static class Constants
{
    public const string Username = "{{username}}";
    public const string Password = "{{password}}";
    public const string AzureManagementUrl = "https://management.azure.com/";
}

Expressions.cs

public static class Expressions
{
    // Members of a static class must themselves be static.
    public static bool IsFromCompanyIp(IExpressionContext context)
        => context.Request.IpAddress.StartsWith("10.0.0.");
}

PolicyDocumentA.cs

[Document]
public class PolicyDocumentA : IDocument
{
    public void Inbound(IInboundContext context) 
    { 
        if (Expressions.IsFromCompanyIp(context.ExpressionContext))
        {
            context.AuthenticationBasic(Constants.Username, Constants.Password);
        }
        else
        {
            context.AuthenticationManagedIdentity(new ManagedIdentityAuthenticationConfig()
            {
                Resource = Constants.AzureManagementUrl,
            });
        }
        // other policies
    }
}

PolicyDocumentB.cs

[Document]
public class PolicyDocumentB : IDocument
{
    public void Inbound(IInboundContext context) 
    { 
        if (Expressions.IsFromCompanyIp(context.ExpressionContext))
        {
            context.AuthenticationBasic(Constants.Username, Constants.Password);
        }
        else
        {
            context.AuthenticationManagedIdentity(new ManagedIdentityAuthenticationConfig()
            {
                Resource = Constants.AzureManagementUrl,
            });
        }
        // other policies
    }
}

After this PR, compiling the above should produce:

PolicyDocumentA.xml

<policies>
  <inbound>
    <choose>
      <when condition="@(context.Request.IpAddress.StartsWith("10.0.0."))">
        <authentication-basic username="{{username}}" password="{{password}}" />
      </when>
      <otherwise>
        <authentication-managed-identity resource="https://management.azure.com/" />
      </otherwise>
    </choose>
    <!-- other policies -->
  </inbound>
</policies>

PolicyDocumentB.xml

<policies>
  <inbound>
    <choose>
      <when condition="@(context.Request.IpAddress.StartsWith("10.0.0."))">
        <authentication-basic username="{{username}}" password="{{password}}" />
      </when>
      <otherwise>
        <authentication-managed-identity resource="https://management.azure.com/" />
      </otherwise>
    </choose>
    <!-- other policies -->
  </inbound>
</policies>
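
Because `const` values are inlined into the compiled XML, a constant that held a literal secret instead of a `{{named-value}}` reference would end up in the policy file in clear text. The following check is an added example, not code from the PR or the project: it scans compiled output for `authentication-basic` credentials that are not named-value references. The function name, the sample documents and the allowed character set for named-value names are assumptions made for illustration.

```python
import re

# Matches one <authentication-basic .../> element. Policy XML can carry raw
# double quotes inside @(...) expressions, so a regex is used instead of an
# XML parser, which would reject such documents.
ELEMENT = re.compile(r"<authentication-basic\b([^>]*)/?>")
ATTRIBUTE = re.compile(r'\b(username|password)="([^"]*)"')
# A value consisting of exactly one {{name}} reference (assumed character set).
NAMED_VALUE = re.compile(r"^\{\{[A-Za-z0-9._-]+\}\}$")


def literal_credentials(policy_xml):
    """Return (attribute, value) pairs whose value is not a {{name}} reference.

    Values written as @(...) expressions are reported as well, for manual review.
    """
    findings = []
    for element in ELEMENT.finditer(policy_xml):
        for name, value in ATTRIBUTE.findall(element.group(1)):
            if not NAMED_VALUE.match(value):
                findings.append((name, value))
    return findings


# Constructed sample modelled on the compiled output in the PR description.
GOOD = '''<policies>
  <inbound>
    <choose>
      <when condition="@(context.Request.IpAddress.StartsWith("10.0.0."))">
        <authentication-basic username="{{username}}" password="{{password}}" />
      </when>
    </choose>
  </inbound>
</policies>'''

# Constructed sample: what a const holding a literal secret would compile to.
BAD = GOOD.replace('password="{{password}}"', 'password="example-literal-secret"')

if __name__ == "__main__":
    for label, doc in (("good", GOOD), ("bad", BAD)):
        print(label, literal_credentials(doc))
```
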

Development

Successfully merging this pull request may close these issues.

Support configuration file for compile-time value management Const strings are not handled