JN.Authentication
1.3.0
See the version list below for details.
dotnet add package JN.Authentication --version 1.3.0
NuGet\Install-Package JN.Authentication -Version 1.3.0
<PackageReference Include="JN.Authentication" Version="1.3.0" />
paket add JN.Authentication --version 1.3.0
#r "nuget: JN.Authentication, 1.3.0"
// Install JN.Authentication as a Cake Addin #addin nuget:?package=JN.Authentication&version=1.3.0 // Install JN.Authentication as a Cake Tool #tool nuget:?package=JN.Authentication&version=1.3.0
JN.Authentication
Simple Authentication implementation for ASP.NET Core.
- Basic Authentication Scheme
- API Key Custom Authentication Scheme
Install
Download the package from NuGet:
Install-Package JN.Authentication -Version [version number]
Usage
First, you must add one (or both) authentication scheme to the application pipeline:
public void ConfigureServices(IServiceCollection services)
{
// Basic authentication
services.AddAuthentication(BasicAuthenticationDefaults.AuthenticationScheme)
.AddBasic(options =>
{
options.Realm = "api";
options.LogInformation = true; //optional, default is false;
options.HttpPostMethodOnly = false;
options.HeaderEncoding = Encoding.UTF8; //optional, default is UTF8;
options.ChallengeResponse = ValidationService.ChallengeResponse;
});
// validation service
services.AddSingleton<IBasicValidationService, BasicValidationService>();
// ApiKey authentication
services.AddAuthentication(ApiKeyAuthenticationDefaults.AuthenticationScheme)
.AddApiKey(options =>
{
options.LogInformation = true;
options.HttpPostMethodOnly = false;
options.AcceptsQueryString = true;
options.HeaderName = "ApiKey";
options.ChallengeResponse = ValidationService.ChallengeResponse;
});
// validation service
services.AddSingleton<IApiKeyValidationService, ApiKeyValidationService>();
}
ChallengeResponse
is a delegate called before a 401 response is sent to the client. It can be used to change the response (including content type). You can see an example here.
IBasicValidationService
and IApiKeyValidationService
should have an implementation where the access details are validated (for example by querying a database).
An implementation for ValidateUser
of interface IBasicValidationService
could be something like the following:
public async Task<ValidationResult> ValidateUser(string username, string password, string resourceName)
{
var user = await GetFromDB(username, password, resourceName);
if (user != null)
{
var claims = new[]
{
new Claim(ClaimTypes.GivenName, user.FullName),
new Claim(ClaimTypes.Name, username),
new Claim(ClaimTypes.Email, user.Email),
new Claim("IsAdmin", user.IsAdmin),
new Claim(ClaimTypes.Role, user.Roles)
};
var res = new ValidationResult
{
Success = true,
Claims = claims
};
return res;
}
return new ValidationResult
{
Success = false,
ErrorDescription = "Invalid User",
ErrorCode = -1
};
}
On your controllers add the Authorize
atribute and choose the Authentication Scheme ("Basic" or "ApiKey")
[Route("api/[controller]")]
[Authorize(AuthenticationSchemes = "Basic", Policy = "IsAdminPolicy")]
[ApiController]
public class BasicAuthSchemeTestController : ControllerBase
{
// Your code here
}
Options
Both authentication schemes allows to:
LogInformation
: log information using a logging providerHttpPostMethodOnly
: allows only POST requests
Basic allows to specify a Realm
and HeaderEncoding
.
ApiKey authentication allows to change the HeaderName
(default is "ApiKey") and can also accept the key in the query string (AcceptsQueryString
)
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. |
.NET Core | netcoreapp2.0 is compatible. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
-
.NETCoreApp 2.0
- Microsoft.AspNetCore.Authentication (>= 2.2.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Changes v1.3.0:
- added ContentType property to ChallengeResult object returned by delegate ChallengeResponse. This is useful to change response content type to "application/problem+json" if the content is a ProblemDetails object.
- added information about the HTTP request to ChallengeResponse delegate (RequestDetails object)
- updated dependencies