FIX Allow actor healthz endpoint are now always AllowAnonymous (#923)

Signed-off-by: Marcos Candeia <marrcooos@gmail.com>

Signed-off-by: Marcos Candeia <marrcooos@gmail.com>

src/Dapr.Actors.AspNetCore/ActorsEndpointRouteBuilderExtensions.cs

@@ -16,7 +16,7 @@ using System.Text;
 using Dapr.Actors;
 using Dapr.Actors.Communication;
 using Dapr.Actors.Runtime;
-using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Routing;
 using Microsoft.Extensions.DependencyInjection;
 
@@ -50,7 +50,7 @@ namespace Microsoft.AspNetCore.Builder
                 MapActorMethodEndpoint(endpoints),
                 MapReminderEndpoint(endpoints),
                 MapTimerEndpoint(endpoints),
-                MapActorHealthChecks(endpoints),
+                MapActorHealthChecks(endpoints)
             };
 
             return new CompositeEndpointConventionBuilder(builders);
@@ -171,7 +171,7 @@ namespace Microsoft.AspNetCore.Builder
 
         private static IEndpointConventionBuilder MapActorHealthChecks(this IEndpointRouteBuilder endpoints)
         {
-            var builder = endpoints.MapHealthChecks("/healthz");
+            var builder = endpoints.MapHealthChecks("/healthz").WithMetadata(new AllowAnonymousAttribute());
             builder.Add(b =>
             {
                 // Sets the route order so that this is matched with lower priority than an endpoint

test/Dapr.Actors.AspNetCore.IntegrationTest/Dapr.Actors.AspNetCore.IntegrationTest.csproj

@@ -19,6 +19,7 @@
   </ItemGroup>
 
   <ItemGroup>
+    <ProjectReference Include="..\..\src\Dapr.AspNetCore\Dapr.AspNetCore.csproj" />
     <ProjectReference Include="..\..\src\Dapr.Actors.AspNetCore\Dapr.Actors.AspNetCore.csproj" />
     <ProjectReference Include="..\Dapr.Actors.AspNetCore.IntegrationTest.App\Dapr.Actors.AspNetCore.IntegrationTest.App.csproj" />
   </ItemGroup>

test/Dapr.Actors.AspNetCore.IntegrationTest/HostingTests.cs

@@ -24,6 +24,8 @@ using Microsoft.Extensions.Diagnostics.HealthChecks;
 using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Logging;
 using Xunit;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
 using Xunit.Sdk;
 
 namespace Dapr.Actors.AspNetCore.IntegrationTest
@@ -59,6 +61,17 @@ namespace Dapr.Actors.AspNetCore.IntegrationTest
             await Assert2XXStatusAsync(response);
         }
 
+        [Fact]
+        public async Task ActorsHealthz_ShouldNotRequireAuthorization()
+        {
+            using var host = CreateHost<AuthorizedRoutesStartup>();
+            var server = host.GetTestServer();
+
+            var httpClient = server.CreateClient();
+            var response = await httpClient.GetAsync("/healthz");
+            await Assert2XXStatusAsync(response);
+        }
+
         // We add our own health check on /healthz with worse priority than one
         // that would be added by a user. Make sure this works and the if the user
         // adds their own health check it will win.
@@ -135,6 +148,28 @@ namespace Dapr.Actors.AspNetCore.IntegrationTest
             }
         }
 
+        private class AuthorizedRoutesStartup
+        {
+            public void ConfigureServices(IServiceCollection services)
+            {
+                services.AddActors(default);
+                services.AddAuthentication().AddDapr(options => options.Token = "abcdefg");
+
+                services.AddAuthorization(o => o.AddDapr());
+            }
+
+            public void Configure(IApplicationBuilder app)
+            {
+                app.UseRouting();
+                app.UseAuthentication();
+                app.UseAuthorization();
+                app.UseEndpoints(endpoints =>
+                {
+                    endpoints.MapActorsHandlers().RequireAuthorization("Dapr");
+                });
+            }
+        }
+
         private class FallbackRouteStartup
         {
             public void ConfigureServices(IServiceCollection services)