feat: restrict backend Container App access in WAF deployment

When enablePrivateNetworking (WAF mode) is active:
- Frontend FastAPI server proxies /api/* requests to backend via httpx
- /config endpoint returns same-origin /api URL so browser never sees
  the Container App URL directly
- Post-deploy scripts detect WAF mode and route API calls through
  the frontend App Service proxy
- Non-WAF deployments remain unchanged (direct backend access)

Resolves AB#39249

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: Prajwal-Microsoft

infra/main.bicep

@@ -1535,6 +1535,7 @@ module webSite 'modules/web-sites.bicep' = {
           WEBSITES_CONTAINER_START_TIME_LIMIT: '1800' // 30 minutes, adjust as needed
           BACKEND_API_URL: 'https://${containerApp.outputs.fqdn}'
           AUTH_ENABLED: 'false'
+          PROXY_API_REQUESTS: enablePrivateNetworking ? 'true' : 'false'
         }
         // WAF aligned configuration for Monitoring
         applicationInsightResourceId: enableMonitoring ? applicationInsights!.outputs.resourceId : null

infra/main_custom.bicep

@@ -1587,6 +1587,7 @@ module webSite 'modules/web-sites.bicep' = {
           BACKEND_API_URL: 'https://${containerApp.outputs.fqdn}'
           AUTH_ENABLED: 'false'
           ENABLE_ORYX_BUILD: 'True'
+          PROXY_API_REQUESTS: enablePrivateNetworking ? 'true' : 'false'
         }
         // WAF aligned configuration for Monitoring
         applicationInsightResourceId: enableMonitoring ? applicationInsights!.outputs.resourceId : null

infra/scripts/Selecting-Team-Config-And-Data.ps1

@@ -445,6 +445,27 @@ do {
     }
 } while (-not $useCaseValid)
 
+# WAF/Private Networking: If the Container App has IP restrictions or internal ingress,
+# the backendUrl is not reachable from the developer's machine. Route through the frontend
+# App Service proxy instead, which is public and forwards /api/* to the private backend over VNet.
+$solutionSuffix = az group show --name $ResourceGroup --query "tags.SolutionSuffix" -o tsv 2>$null
+if ($solutionSuffix) {
+    $containerAppName = "ca-$solutionSuffix"
+    $isExternal = az containerapp show --name $containerAppName --resource-group $ResourceGroup `
+        --query "properties.configuration.ingress.external" -o tsv 2>$null
+    $hasIpRestrictions = az containerapp show --name $containerAppName --resource-group $ResourceGroup `
+        --query "length(properties.configuration.ingress.ipSecurityRestrictions || ``[]``)" -o tsv 2>$null
+    $proxyEnabled = az webapp config appsettings list --name "app-$solutionSuffix" --resource-group $ResourceGroup `
+        --query "[?name=='PROXY_API_REQUESTS'].value" -o tsv 2>$null
+    if ($isExternal -eq "false" -or [int]$hasIpRestrictions -gt 0 -or $proxyEnabled -eq "true") {
+        $frontendHostname = "app-$solutionSuffix"
+        $frontendUrl = "https://${frontendHostname}.azurewebsites.net"
+        Write-Host "Private networking detected: Container App has restricted access."
+        Write-Host "Routing API calls through frontend App Service: $frontendUrl"
+        $script:backendUrl = $frontendUrl
+    }
+}
+
 Write-Host ""
 Write-Host "==============================================="
 Write-Host "Values to be used:"

infra/scripts/selecting_team_config_and_data.sh

@@ -453,6 +453,27 @@ while [[ "$useCaseValid" != true ]]; do
     fi
 done
 
+# WAF/Private Networking: If the Container App has IP restrictions or internal ingress,
+# the backendUrl is not reachable from the developer's machine. Route through the frontend
+# App Service proxy instead, which is public and forwards /api/* to the private backend over VNet.
+solutionSuffix=$(az group show --name "$ResourceGroup" --query "tags.SolutionSuffix" -o tsv 2>/dev/null)
+if [[ -n "$solutionSuffix" ]]; then
+    containerAppName="ca-${solutionSuffix}"
+    isExternal=$(az containerapp show --name "$containerAppName" --resource-group "$ResourceGroup" \
+        --query "properties.configuration.ingress.external" -o tsv 2>/dev/null)
+    hasIpRestrictions=$(az containerapp show --name "$containerAppName" --resource-group "$ResourceGroup" \
+        --query "length(properties.configuration.ingress.ipSecurityRestrictions || \`[]\`)" -o tsv 2>/dev/null)
+    proxyEnabled=$(az webapp config appsettings list --name "app-${solutionSuffix}" --resource-group "$ResourceGroup" \
+        --query "[?name=='PROXY_API_REQUESTS'].value" -o tsv 2>/dev/null)
+    if [[ "$isExternal" == "false" ]] || [[ "$hasIpRestrictions" -gt 0 ]] || [[ "$proxyEnabled" == "true" ]]; then
+        frontendHostname="app-${solutionSuffix}"
+        frontendUrl="https://${frontendHostname}.azurewebsites.net"
+        echo "Private networking detected: Container App has restricted access."
+        echo "Routing API calls through frontend App Service: $frontendUrl"
+        backendUrl="$frontendUrl"
+    fi
+fi
+
 echo ""
 echo "==============================================="
 echo "Values to be used:"

src/App/frontend_server.py

@@ -1,10 +1,11 @@
 import os
 
+import httpx
 import uvicorn
 from dotenv import load_dotenv
-from fastapi import FastAPI
+from fastapi import FastAPI, Request
 from fastapi.middleware.cors import CORSMiddleware
-from fastapi.responses import FileResponse
+from fastapi.responses import FileResponse, StreamingResponse
 from fastapi.staticfiles import StaticFiles
 
 # Load environment variables from .env file
@@ -23,6 +24,10 @@
 BUILD_DIR = os.path.join(os.path.dirname(__file__), "build")
 INDEX_HTML = os.path.join(BUILD_DIR, "index.html")
 
+# Proxy configuration for WAF/private networking deployments
+PROXY_API_REQUESTS = os.getenv("PROXY_API_REQUESTS", "false").lower() == "true"
+BACKEND_API_URL = os.getenv("BACKEND_API_URL", "http://localhost:8000")
+
 # Serve static files from build directory
 app.mount(
     "/assets", StaticFiles(directory=os.path.join(BUILD_DIR, "assets")), name="assets"
@@ -36,17 +41,59 @@ async def serve_index():
 
 @app.get("/config")
 async def get_config():
-    backend_url = os.getenv("BACKEND_API_URL", "http://localhost:8000")
     auth_enabled = os.getenv("AUTH_ENABLED", "false")
-    backend_url = backend_url + "/api"
+
+    if PROXY_API_REQUESTS:
+        # WAF mode: frontend proxies API calls, so tell browser to use same origin
+        api_url = "/api"
+    else:
+        # Non-WAF mode: browser calls backend directly
+        backend_url = os.getenv("BACKEND_API_URL", "http://localhost:8000")
+        api_url = backend_url + "/api"
 
     config = {
-        "API_URL": backend_url,
+        "API_URL": api_url,
         "ENABLE_AUTH": auth_enabled,
     }
     return config
 
 
+@app.get("/health")
+async def health():
+    return {"status": "healthy"}
+
+
+# API proxy routes for WAF/private networking deployments
+if PROXY_API_REQUESTS:
+
+    @app.api_route("/api/{path:path}", methods=["GET", "POST", "PUT", "DELETE", "PATCH"])
+    async def proxy_api(request: Request, path: str):
+        """Proxy API requests to the private backend over VNet."""
+        target_url = f"{BACKEND_API_URL}/api/{path}"
+        query_string = str(request.query_params)
+        if query_string:
+            target_url = f"{target_url}?{query_string}"
+
+        headers = dict(request.headers)
+        headers.pop("host", None)
+
+        body = await request.body()
+
+        async with httpx.AsyncClient(timeout=300.0) as client:
+            response = await client.request(
+                method=request.method,
+                url=target_url,
+                headers=headers,
+                content=body,
+            )
+
+        return StreamingResponse(
+            iter([response.content]),
+            status_code=response.status_code,
+            headers=dict(response.headers),
+        )
+
+
 @app.get("/{full_path:path}")
 async def serve_app(full_path: str):
     # Remediation: normalize and check containment before serving

src/App/requirements.txt

@@ -4,4 +4,5 @@ uvicorn[standard]
 jinja2
 azure-identity
 python-dotenv
-python-multipart
+python-multipart
+httpx