Defaulting SwtAuthenticationEnabled to False (#10195)

src/WebJobs.Script/Config/FunctionsHostingConfigOptions.cs

@@ -66,7 +66,7 @@ internal bool SwtAuthenticationEnabled
         {
             get
             {
-                return GetFeatureAsBooleanOrDefault(ScriptConstants.HostingConfigSwtAuthenticationEnabled, true);
+                return GetFeatureAsBooleanOrDefault(ScriptConstants.HostingConfigSwtAuthenticationEnabled, false);
             }
 
             set

test/WebJobs.Script.Tests.Integration/WebHostEndToEnd/SamplesEndToEndTests_CSharp.cs

@@ -1391,6 +1391,10 @@ public override void ConfigureWebHost(IServiceCollection services)
             {
                 base.ConfigureWebHost(services);
 
+                // SWT auth is disabled by default so we must enable to test
+                services.AddOptions<FunctionsHostingConfigOptions>()
+                    .Configure(o => o.SwtAuthenticationEnabled = true);
+
                 // The legacy http tests use sync IO so explicitly allow this
                 var environment = new TestEnvironment();
                 string testSiteName = "somewebsite";

test/WebJobs.Script.Tests/Configuration/FunctionsHostingConfigOptionsTest.cs

@@ -126,8 +126,8 @@ public void Property_Validation()
                 (nameof(FunctionsHostingConfigOptions.SwtAuthenticationEnabled), "SwtAuthenticationEnabled=False", false),
                 (nameof(FunctionsHostingConfigOptions.SwtAuthenticationEnabled), "SwtAuthenticationEnabled=True", true),
                 (nameof(FunctionsHostingConfigOptions.SwtAuthenticationEnabled), "SwtAuthenticationEnabled=0", false),
-                (nameof(FunctionsHostingConfigOptions.SwtAuthenticationEnabled), "SwtAuthenticationEnabled=unparseable", true), // default
-                (nameof(FunctionsHostingConfigOptions.SwtAuthenticationEnabled), string.Empty, true), // default
+                (nameof(FunctionsHostingConfigOptions.SwtAuthenticationEnabled), "SwtAuthenticationEnabled=unparseable", false), // default
+                (nameof(FunctionsHostingConfigOptions.SwtAuthenticationEnabled), string.Empty, false), // default
 
                 // Supports True/False/1/0
                 (nameof(FunctionsHostingConfigOptions.SwtIssuerEnabled), "SwtIssuerEnabled=False", false),
@@ -251,8 +251,8 @@ public void SwtAuthenticationEnabled_ReturnsExpectedValue()
         {
             FunctionsHostingConfigOptions options = new FunctionsHostingConfigOptions();
 
-            // defaults to true
-            Assert.True(options.SwtAuthenticationEnabled);
+            // defaults to false
+            Assert.False(options.SwtAuthenticationEnabled);
 
             // returns true when explicitly enabled
             options.Features[ScriptConstants.HostingConfigSwtAuthenticationEnabled] = "1";

test/WebJobs.Script.Tests/Security/Authentication/ArmAuthenticationHandlerTests.cs

@@ -7,6 +7,7 @@
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Azure.WebJobs.Extensions.Http;
+using Microsoft.Azure.WebJobs.Script.Config;
 using Microsoft.Azure.WebJobs.Script.WebHost.Security;
 using Microsoft.Azure.WebJobs.Script.WebHost.Security.Authentication;
 using Microsoft.Extensions.DependencyInjection;
@@ -19,6 +20,11 @@ public class ArmAuthenticationHandlerTests
         private static DefaultHttpContext GetContext()
         {
             var services = new ServiceCollection().AddLogging();
+
+            // SWT auth is disabled by default so we must enable to test
+            services.AddOptions<FunctionsHostingConfigOptions>()
+                .Configure(o => o.SwtAuthenticationEnabled = true);
+
             services.AddAuthentication(o =>
             {
                 o.DefaultScheme = ArmAuthenticationDefaults.AuthenticationScheme;