Cirreum.AuthenticationProvider
1.0.0
See the version list below for details.
dotnet add package Cirreum.AuthenticationProvider --version 1.0.0
NuGet\Install-Package Cirreum.AuthenticationProvider -Version 1.0.0
<PackageReference Include="Cirreum.AuthenticationProvider" Version="1.0.0" />
<PackageVersion Include="Cirreum.AuthenticationProvider" Version="1.0.0" />
<PackageReference Include="Cirreum.AuthenticationProvider" />
paket add Cirreum.AuthenticationProvider --version 1.0.0
#r "nuget: Cirreum.AuthenticationProvider, 1.0.0"
#:package Cirreum.AuthenticationProvider@1.0.0
#addin nuget:?package=Cirreum.AuthenticationProvider&version=1.0.0
#tool nuget:?package=Cirreum.AuthenticationProvider&version=1.0.0
Cirreum.AuthenticationProvider
Authentication track abstractions for the Cirreum framework — the contracts scheme implementations and runtime composition build on.
Overview
Cirreum.AuthenticationProvider is the abstraction layer for Cirreum's Authentication pillar (one of the three-pillar separation: Identity / Authentication / Authorization). It defines the contracts that:
- Scheme packages implement —
Cirreum.Authentication.ApiKey,Cirreum.Authentication.SignedRequest,Cirreum.Authentication.SessionTicket, etc. - Runtime composition wires —
Cirreum.Runtime.AuthenticationProvider(the dynamic forward scheme resolver, auth-event hosted handlers, cache invalidators, boot-time analyzers) - The umbrella package exposes —
Cirreum.Runtime.Authentication(theAddAuthentication(...)app-facing builder)
Contract surface
Schemes:
ISchemeSelector+SchemeCategoryenum — per-request scheme dispatch (open/closed)CredentialTransportenum — where the scheme reads its credentialISignedRequestAlgorithm+ resolver — version-pluggable crypto for SignedRequest schemeSessionTicketfamily — HTTP→long-lived-connection handoff primitives
Patterns:
IAuthenticationBuilder— the builder surface scheme registrations extend[AllowPendingAuth]— opt-in for Two-Phase Auth's anonymous-pending-auth pattern
Compositions:
IAuthenticationBoundaryResolver— resolves Global vs Tenant vs None per the configured PrimarySchemeClaimsUserProfileEnricher— defaultIUserProfileEnricherimplIUserProfileEnrichmentBuilder,IGraphEnabledBuilder,IExternalGraphEnabledBuilder— extensibility seams for claim enrichment scenariosIRevokedCredentialProvider— app-side credential revocation hydration
Where it fits
Cirreum.Kernel (auth event bus — IAuthenticationEventPublisher/Handler)
Cirreum.AuthenticationProvider ← this package
Cirreum.Authentication.{Scheme} — ApiKey, SignedRequest, SessionTicket, ...
Cirreum.Runtime.AuthenticationProvider
Cirreum.Runtime.Authentication (app-facing umbrella; AddAuthentication(...))
License
MIT — see LICENSE.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net10.0
- Cirreum.Contracts (>= 1.1.0)
- Cirreum.Providers (>= 1.2.1)
NuGet packages (8)
Showing the top 5 NuGet packages that depend on Cirreum.AuthenticationProvider:
| Package | Downloads |
|---|---|
|
Cirreum.Services.Server
Service library for Cirreum ASP.NET servers. Absorbs the per-source Invocation packages (HTTP, WebSocket, SignalR) so a single package owns the framework's server-side invocation surface, including the per-server connection registry and the auth-event connection terminator (revocation / forced sign-out aborts a subject's live long-lived connections). |
|
|
Cirreum.Authentication.External
BYOID (Bring-Your-Own-IDp) external authentication scheme for the Cirreum framework. Validates JWT bearer tokens from multiple customer Identity Providers (Okta, Auth0, customer Entra tenants) per tenant-identifier resolution (header / path / subdomain), via an ISchemeSelector that routes to the resolved tenant's issuer. |
|
|
Cirreum.Authentication.ApiKey
ApiKey authentication scheme for the Cirreum framework. Provides the ApiKey authentication handler, options, registrar, ISchemeSelector, and a source-based client resolver family — static configured keys plus dynamic default / named sources (with optional per-source caching and X-Api-Source routing). Supports both Authorization: Bearer and custom-header credential transports. |
|
|
Cirreum.Authentication.Entra
Azure Entra ID authentication scheme for the Cirreum framework. Wraps Microsoft.Identity.Web for Entra-issued JWT validation (Web API) and OpenID Connect (Web App). |
|
|
Cirreum.Authentication.SignedRequest
SignedRequest authentication scheme for the Cirreum framework. Verifies RFC 9421 HTTP Message Signatures (HMAC-SHA256, with a pluggable algorithm resolver) and RFC 9530 Content-Digest for partner / M2M integrations, and signs outbound requests. Ships the authentication handler, ISchemeSelector, the dynamic credential resolver, and the strict-nonce replay posture. |
GitHub repositories
This package is not used by any popular GitHub repositories.