Samhammer.Authentication.Abstractions
8.0.0
dotnet add package Samhammer.Authentication.Abstractions --version 8.0.0
NuGet\Install-Package Samhammer.Authentication.Abstractions -Version 8.0.0
<PackageReference Include="Samhammer.Authentication.Abstractions" Version="8.0.0" />
paket add Samhammer.Authentication.Abstractions --version 8.0.0
#r "nuget: Samhammer.Authentication.Abstractions, 8.0.0"
// Install Samhammer.Authentication.Abstractions as a Cake Addin #addin nuget:?package=Samhammer.Authentication.Abstractions&version=8.0.0 // Install Samhammer.Authentication.Abstractions as a Cake Tool #tool nuget:?package=Samhammer.Authentication.Abstractions&version=8.0.0
Samhammer.Authentication.Api
This provides a way to secure your api with keycloak jwt bearer authentication.
How to add this to your project:
- reference this nuget package: https://www.nuget.org/packages/Samhammer.Authentication.Api/
How to use:
Keycloak JWT Authentication
Add it to your api.
public void ConfigureServices(IServiceCollection services)
{
services.AddJwtAuthentication()
.AddKeycloak(Configuration);
}
public void Configure(IApplicationBuilder app)
{
app.UseAuthentication();
app.UseAuthorization();
}
Api calls requires auhorization header with an JWT token from keycloak.
POST https://myapi/action HTTP/1.1
Auhorization: Bearer JwtTokenContent
If you pass "IConfiguration" instead of "Action<ApiAuthOptions>" to "AddKeycloak" add the following to appsettings.json:
"ApiAuthOptions": {
"Issuer": "<<KeycloakTokenIssuerUrl>>",
"ClientId": "<<ClientIdRepresentingYourApp>>",
"NameClaim": "<<NameOfClaimWhichShouldBeSetToNameClaim>>"
}
NameClaim is optional and default value is "preferred_username"
Guest Authentication
Add it to your api.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(GuestAuthenticationDefaults.AuthenticationScheme)
.AddGuest(Configuration);
}
Api calls requires header guestid with an "Version 4 UUID".
POST https://myapi/action HTTP/1.1
guestid: 1c11792b-538f-4908-992d-6570bb268e60
If you pass "IConfiguration" instead of "Action<GuestAuthOptions>" to "AddGuest" you can can override the default settings in appsettings.json:
"GuestAuthOptions": {
"Enabled": true,
"Name": "guest-[GuestID]",
"Role": "SomeGuestRole",
"Validator": "[0-9a-fA-F]{8}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{12}"
}
Mixed Authentication
You can also setup both authentication types. In the example below jwt keycloak will be the default.
public void ConfigureServices(IServiceCollection services)
{
services.AddJwtAuthentication()
.AddKeycloak(Configuration)
.AddGuest(Configuration);
}
You can setup your supported authentication types on each controller action per attribute.
[HttpPost]
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme + ", " + GuestAuthenticationDefaults.AuthenticationScheme)]
public async Task<IActionResult> ActionForBoth()
{}
[HttpPost]
[Authorize(GuestAuthenticationDefaults.AuthenticationScheme)]
public async Task<IActionResult> ActionForGuests()
{}
Samhammer.Authentication.Client
The library provides extension methods for authentication client. This library is using Duende.AccessTokenManagement under the hood.
Currently, we have the ClientCredentialsConfigureExtensions class which provides an extension method for ClientCredentialsClient to add a client with options monitor support. Ensure to call extension method AddClientCredentialsTokenManagement of Duende before!
How to use in Program.cs
builder.Services.AddDistributedMemoryCache();
builder.Services.AddClientCredentialsTokenManagement();
builder.Services.AddClientCredentialsOptions<ApiAuthOptions>("defaultAuth", (client, authOptions) =>
{
client.TokenEndpoint = authOptions.AccessTokenUrl;
client.ClientId = authOptions.ClientId;
client.ClientSecret = authOptions.ClientSecret;
});
builder.Services
.AddHttpClient<TInterface, TService>())
.AddClientCredentialsTokenHandler("defaultAuth");
Contribute
How to publish a nuget package
- Create a tag and let the github action do the publishing for you
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
| .NET Core | netcoreapp2.0 was computed. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
| .NET Standard | netstandard2.0 is compatible. netstandard2.1 was computed. |
| .NET Framework | net461 was computed. net462 was computed. net463 was computed. net47 was computed. net471 was computed. net472 was computed. net48 was computed. net481 was computed. |
| MonoAndroid | monoandroid was computed. |
| MonoMac | monomac was computed. |
| MonoTouch | monotouch was computed. |
| Tizen | tizen40 was computed. tizen60 was computed. |
| Xamarin.iOS | xamarinios was computed. |
| Xamarin.Mac | xamarinmac was computed. |
| Xamarin.TVOS | xamarintvos was computed. |
| Xamarin.WatchOS | xamarinwatchos was computed. |
-
.NETStandard 2.0
- No dependencies.
NuGet packages (1)
Showing the top 1 NuGet packages that depend on Samhammer.Authentication.Abstractions:
| Package | Downloads |
|---|---|
|
Samhammer.Authentication.Api
Keycloak authentication for .NET Core projects |
GitHub repositories
This package is not used by any popular GitHub repositories.