Cirreum.Runtime.IdentityProvider
1.0.5
dotnet add package Cirreum.Runtime.IdentityProvider --version 1.0.5
NuGet\Install-Package Cirreum.Runtime.IdentityProvider -Version 1.0.5
<PackageReference Include="Cirreum.Runtime.IdentityProvider" Version="1.0.5" />
<PackageVersion Include="Cirreum.Runtime.IdentityProvider" Version="1.0.5" />
<PackageReference Include="Cirreum.Runtime.IdentityProvider" />
paket add Cirreum.Runtime.IdentityProvider --version 1.0.5
#r "nuget: Cirreum.Runtime.IdentityProvider, 1.0.5"
#:package Cirreum.Runtime.IdentityProvider@1.0.5
#addin nuget:?package=Cirreum.Runtime.IdentityProvider&version=1.0.5
#tool nuget:?package=Cirreum.Runtime.IdentityProvider&version=1.0.5
Cirreum Runtime IdentityProvider
Runtime-layer registration helper for the Cirreum Identity provider family.
Overview
Cirreum.Runtime.IdentityProvider is the Runtime-layer library that bootstraps any IdentityProviderRegistrar<TSettings, TInstanceSettings> from configuration. Single responsibility: given a registrar type, bind the corresponding config section and call both phases of the registrar's lifecycle correctly.
Apps do not reference this package directly — they install a Runtime Extensions package such as Cirreum.Runtime.Identity.Oidc, Cirreum.Runtime.Identity.EntraExternalId, or the umbrella Cirreum.Runtime.Identity, which use this helper internally.
Two-phase registration recap
Identity provider registrars run in two phases:
- Services phase (before
builder.Build()) —Register(settings, services, configuration)wires up DI. - Endpoints phase (after
builder.Build()) —Map(settings, endpoints)maps HTTP routes.
IEndpointRouteBuilder isn't available at builder time, so this helper runs phase 1 immediately and stashes a closure for phase 2 as a DI singleton. The Runtime Extensions layer pulls the stashed closures at Map*Identity() / MapIdentity() call time and invokes them against the live IEndpointRouteBuilder.
API
RegisterIdentityProvider<TRegistrar, TSettings, TInstanceSettings>()
using Microsoft.Extensions.Hosting;
builder.RegisterIdentityProvider<
OidcIdentityProviderRegistrar,
OidcIdentityProviderSettings,
OidcIdentityProviderInstanceSettings>();
Generally called from inside per-protocol Runtime Extension packages (AddOidcIdentity(), AddEntraExternalIdIdentity()), not from app code.
What it does:
- Dedup check via marker-type registration — repeated calls for the same
TRegistrarare no-ops. - Binds
Cirreum:Identity:Providers:{ProviderName}fromIConfigurationtoTSettings. - Skips with a debug log if the section is missing (or throws if
required: truewas passed). - Calls
registrar.Register(providerSettings, services, configuration)— services phase. - Registers an
IdentityProviderMappingin DI capturing a closure overregistrar.Map(providerSettings, endpoints)— deferred endpoints phase.
IIdentityBuilder / IdentityBuilder
The fluent configuration builder passed into the AddIdentity(configure) callback in the Runtime Extensions layer. Consumers use it to register application-provided IUserProvisioner implementations against their configured instance keys:
builder.AddIdentity(p => p
.AddProvisioner<ClientABorrowerProvisioner>("clientA_descope")
.AddProvisioner<ClientBBorrowerProvisioner>("clientB_descope"));
AddProvisioner<TProvisioner>(instanceKey) registers the provisioner as a keyed scoped service. The identity provider handler resolves the keyed service by ProvisionContext.Source (= the instance key) at callback time. HostBuilder is exposed on the builder for advanced scenarios that need the underlying IHostApplicationBuilder.
Defined here (not duplicated per Runtime Extensions package) so the callback-based API composes identically whether the app installs a single per-protocol package or the umbrella.
IdentityProviderMapping (stashed in DI)
public sealed record IdentityProviderMapping(
string ProviderName,
Action<IEndpointRouteBuilder> Map);
Runtime Extensions packages resolve IEnumerable<IdentityProviderMapping> at Map*Identity() time:
- The umbrella
MapIdentity()invokes every registered mapping. - A per-protocol
MapOidcIdentity()filters byProviderName == "Oidc"and invokes just those.
Dependencies
- Cirreum.IdentityProvider — base registrar, settings, provisioning contracts
- Cirreum.Logging.Deferred — deferred logging for startup diagnostics
- Microsoft.AspNetCore.App —
IEndpointRouteBuilder
Versioning
Follows Semantic Versioning. Foundational library — major bumps are rare and coordinated with Cirreum.IdentityProvider releases.
License
MIT — see LICENSE.
Cirreum Foundation Framework
Layered simplicity for modern .NET
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net10.0
- Cirreum.IdentityProvider (>= 1.0.6)
- Cirreum.Logging.Deferred (>= 1.0.115)
NuGet packages (2)
Showing the top 2 NuGet packages that depend on Cirreum.Runtime.IdentityProvider:
| Package | Downloads |
|---|---|
|
Cirreum.Runtime.Identity.Oidc
Runtime Extensions package for Cirreum Identity Oidc — app-facing AddOidcIdentity() and MapOidcIdentity() extensions that wire the Oidc identity provider from configuration. |
|
|
Cirreum.Runtime.Identity.EntraExternalId
Runtime Extensions package for Cirreum Identity EntraExternalId — app-facing AddEntraExternalIdIdentity() and MapEntraExternalIdIdentity() extensions that wire the Entra External ID identity provider from configuration. |
GitHub repositories
This package is not used by any popular GitHub repositories.