FEAT: Security & Azure deployment for CoPyRIT GUI#1554
Open
adrian-gavrila wants to merge 169 commits intomicrosoft:mainfrom
Open
FEAT: Security & Azure deployment for CoPyRIT GUI#1554adrian-gavrila wants to merge 169 commits intomicrosoft:mainfrom
adrian-gavrila wants to merge 169 commits intomicrosoft:mainfrom
Conversation
- Add run_initializers_async to pyrit.setup for programmatic initialization - Switch AIRTInitializer to Entra (Azure AD) auth, removing API key requirements - Add --config-file flag to pyrit_backend CLI - Use PyRIT configuration loader in FrontendCore and pyrit_backend - Update AIRTTargetInitializer with new target types Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Add conversation_stats model and attack_result extensions - Add get_attack_results with filtering by harm categories, labels, attack type, and converter types to memory interface - Implement SQLite-specific JSON filtering for attack results - Add memory_models field for targeted_harm_categories - Add prompt_metadata support to openai image/video/response targets - Fix missing return statements in SQLite harm_category and label filters Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Add attack CRUD routes with conversation management - Add message sending with target dispatch and response handling - Add attack mappers for domain-to-DTO conversion with signed blob URLs - Add attack service with video remix support and piece persistence - Expand target service and routes with registry-based target management - Add version endpoint with database info Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Add attack-centric chat UI with multi-conversation support - Add conversation panel with branching and message actions - Add attack history view with filtering - Add labels bar for attack metadata - Add target configuration with create dialog - Add message mapper utilities for backend/frontend translation - Add video playback support with signed blob URLs - Add InputBox with attachment support and auto-expand - Update dev.py with --detach, logs, and process management - Add e2e tests for chat, config, and flow scenarios Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ssibility Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
… into romanlutz/backend-attack-api
- Rename supports_multiturn_chat to supports_multi_turn to align with TargetCapabilities field - Use target_obj.capabilities.supports_multi_turn instead of isinstance check - Update tests to set capabilities on mock targets Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…_async Reverts the separate run_initializers_async function and restores the original pattern where run_scenario_async calls initialize_pyrit_async a second time with initializers. This avoids a larger refactor. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Catch ValueError in get_conversation_messages route, return 400 - Fix target_registry_name field description - Simplify redundant except (ValueError, Exception) to except Exception - Fix docstring: converter_classes -> converter_types - Fix test assertions: converter_types -> converter_classes (matches memory API) - Remove dead tests for deleted helper methods - Restore azure_openai_video target config to match main Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Move _inject_video_id_from_history and _strip_video_pieces methods from AttackService to OpenAIVideoTarget where they belong - Update _validate_request to accept video_path pieces and check for video_path+image_path conflicts - Add ValueError when video_path is present but no video_id can be resolved - Add 7 unit tests for the inject/strip logic - Remove video-specific logic from attack_service._send_and_store_message Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
behnam-o
reviewed
Mar 31, 2026
frontend/src/auth/msalConfig.ts
Outdated
| */ | ||
| export function getApiScopes(clientId: string): string[] { | ||
| if (!clientId) return ['openid', 'profile', 'email'] | ||
| return [`${clientId}/access`] |
Contributor
There was a problem hiding this comment.
from our chat, I think this might be more optimal and cleaner, and also address my other comment:
- add back Microsoft Graph's User.Read delegated API permission to the app registration
- in getApiScopes in the frontend, request a token with this scope
["https://graph.microsoft.com/User.Read"] - then group resolution will work okay (because the token that's sent to our backend will have graph as its audience)
- now you can remove
accessfrom "exposed APIs" of the app because it's not used anyways - we can also remove the "App Roles" (Copyrit.Dev.All) , and instead assign those 2 groups to the ServicePrincipal (Enterprise Application) with the default role (we can do that even right now, because we don't check this role value in user claims)
- Change getApiScopes to request https://graph.microsoft.com/User.Read - Reuse shared getApiScopes in api.ts instead of duplicate - Update backend token validation audience to graph.microsoft.com - Update test assertions for new scope - Enables groups overage resolution via Graph API Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
ValbuenaVC
reviewed
Apr 1, 2026
- Replace toBeInTheDocument with toBeVisible for user-facing assertions - Add afterEach restoreAllMocks for full test isolation - Refactor AuthConfig from global cache to React Context - Rename useMsal instance to msalInstance for clarity - Extract _authenticate_request_async from dispatch method - Replace magic number with removeprefix for Bearer token parsing - Rename overage methods/comments for clarity - Add _client_id usage comment in auth middleware - Clarify .azure directory mount in Docker run script - Standardize Entra ID vs Azure terminology in docs - Expand acronyms and add links in infra README - Add what-if preview section to infra README Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Extract AuthConfigContext to separate file (react-refresh/only-export-components) - Replace ghcr.io/astral-sh/uv container image with install script to comply with Microsoft container security policy (CSSC) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Adds authentication, security middleware, Azure infrastructure-as-code, and a CI/CD pipeline for deploying the CoPyRIT GUI as an
Azure Container App.
Authentication
@azure/msal-browser— no client secrets needed. NewAuthProviderandmsalConfigcomponents;Axios interceptor attaches Bearer tokens automatically.
pyrit/backend/middleware/auth.py) validates tokens against Entra ID JWKS. Supports multi-groupauthorization via
allowedGroupObjectIds. Auth gracefully disables when env vars are unset (local dev)./api/auth/me) for the frontend to display the signed-in user.Security middleware
SecurityHeadersMiddleware: CSP, HSTS (prod only), X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy,Cache-Control (
no-storeon API routes). Swagger disabled in production.Infrastructure (Bicep)
infra/main.bicep+ ARM template: provisions Container App Environment, ACR (optional), Log Analytics, Application Insights(opt-in OTel), User-Assigned Managed Identity, and VNet/Private Endpoint (opt-in).
.envinjection — no secrets baked into the container.infra/README.md: full deployment guide covering prerequisites, Entra setup, RBAC grants, and post-deployment steps.CI/CD
gui-deploy.yml: ADO pipeline — build → push to ACR → deploy to test → opt-in prod promotion.Docker
Dockerfile,start.sh, anddocker-compose.yamlfor managed identity auth on Azure and service principal auth locally..pyrit_conf_examplewith operator/operation label examples.Tests and Documentation
frontend/src/App.test.tsxandfrontend/src/services/api.test.tsupdated to cover auth integration.infra/README.mdserves as the deployment guide with full prerequisites, step-by-step setup, post-deployment checklist, andteardown instructions.
docker/QUICKSTART.mdupdated with auth configuration and local dev workflow.