
christianponzoni-quix/Samhammer.Authentication

 
 


Samhammer.Authentication.Api

This package provides a way to secure your API with Keycloak JWT bearer authentication.

How to add this to your project:

How to use:

Keycloak JWT Authentication

Add it to your API.

public void ConfigureServices(IServiceCollection services)
{
    services.AddJwtAuthentication()
        .AddKeycloak(Configuration);
}

public void Configure(IApplicationBuilder app)
{
    app.UseAuthentication();
    app.UseAuthorization();
}

API calls require an Authorization header with a JWT token from Keycloak.

POST https://myapi/action HTTP/1.1
Authorization: Bearer JwtTokenContent

If you pass "IConfiguration" instead of "Action<ApiAuthOptions>" to "AddKeycloak", add the following to appsettings.json:

  "ApiAuthOptions": {
    "Issuer": "<<KeycloakTokenIssuerUrl>>",
    "ClientId": "<<ClientIdRepresentingYourApp>>"
  }

Guest Authentication

Add it to your API.

public void ConfigureServices(IServiceCollection services)
{
    services.AddAuthentication(GuestAuthenticationDefaults.AuthenticationScheme)
        .AddGuest(Configuration);
}

API calls require a guestid header containing a "Version 4 UUID".

POST https://myapi/action HTTP/1.1
guestid: 1c11792b-538f-4908-992d-6570bb268e60

If you pass "IConfiguration" instead of "Action<GuestAuthOptions>" to "AddGuest", you can override the default settings in appsettings.json:

  "GuestAuthOptions": {
    "Enabled": true,
    "Name": "guest-[GuestID]",    
    "Role": "SomeGuestRole",
    "Validator": "[0-9a-fA-F]{8}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{12}"
  }
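
The default Validator above has no anchors and accepts any UUID-shaped hex string, while the text asks for a Version 4 UUID. The check below is an added example, not code from this repository: it compares the default pattern with a stricter one on constructed header values. The page does not show how the library applies the pattern, so the use of Regex.IsMatch is an assumption, and StrictV4 is a hypothetical replacement value.

```csharp
using System;
using System.Text.RegularExpressions;

public static class GuestIdValidatorCheck
{
    // Default "Validator" value from the README, with the JSON escaping removed.
    const string Default =
        @"[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12}";

    // Hypothetical stricter value (not from the project): anchored to the whole
    // string, version nibble fixed to 4, variant nibble limited to 8, 9, a or b.
    // In appsettings.json every backslash has to be doubled.
    const string StrictV4 =
        @"\A[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}\z";

    public static void Main()
    {
        // Constructed sample values for the guestid header.
        var samples = new (string Label, string Value)[]
        {
            ("v4 UUID from the README", "1c11792b-538f-4908-992d-6570bb268e60"),
            ("v1-shaped UUID", "1c11792b-538f-1908-992d-6570bb268e60"),
            ("nil UUID (all zeros)", "00000000-0000-0000-0000-000000000000"),
            ("v4 UUID with trailing text", "1c11792b-538f-4908-992d-6570bb268e60 extra"),
            ("leading text before v4 UUID", "x1c11792b-538f-4908-992d-6570bb268e60"),
        };

        // A match timeout keeps validation time bounded for any configured pattern.
        var timeout = TimeSpan.FromMilliseconds(100);

        foreach (var (label, value) in samples)
        {
            // Assumption: the library evaluates the pattern like Regex.IsMatch,
            // which succeeds when any substring of the value matches.
            bool byDefault = Regex.IsMatch(value, Default, RegexOptions.None, timeout);
            bool byStrict = Regex.IsMatch(value, StrictV4, RegexOptions.None, timeout);
            Console.WriteLine($"{label,-30} default={byDefault,-5} strict={byStrict}");
        }
    }
}
```

Run it before changing the Validator setting to see which guest ids each pattern lets through.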

Mixed Authentication

You can also set up both authentication types. In the example below, Keycloak JWT is the default.

public void ConfigureServices(IServiceCollection services)
{
    services.AddJwtAuthentication()
        .AddKeycloak(Configuration)
        .AddGuest(Configuration);
}

You can set the supported authentication types for each controller action with an attribute.

[HttpPost]
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme + ", " + GuestAuthenticationDefaults.AuthenticationScheme)]
public IActionResult ActionForBoth()
{
    // Reached by callers authenticated through either scheme.
    return Ok();
}

[HttpPost]
// AuthenticationSchemes must be named: the single-string Authorize constructor sets the policy name instead.
[Authorize(AuthenticationSchemes = GuestAuthenticationDefaults.AuthenticationScheme)]
public IActionResult ActionForGuests()
{
    return Ok();
}

Contribute

How to publish a nuget package

  • set package version in Samhammer.Authentication.Api.csproj
  • set package version in Samhammer.Authentication.Abstractions.csproj
  • create git tag
  • dotnet pack -c Release
  • nuget push Samhammer.Authentication.Api\bin\Release\Samhammer.Authentication.Api.*.nupkg NUGET_API_KEY -src https://api.nuget.org/v3/index.json
  • nuget push Samhammer.Authentication.Abstractions\bin\Release\Samhammer.Authentication.Abstractions.*.nupkg NUGET_API_KEY -src https://api.nuget.org/v3/index.json
  • (optional) nuget setapikey NUGET_API_KEY -source https://api.nuget.org/v3/index.json

About

Keycloak authentication for .NET Core projects
