Kephas.Security
11.1.0-dev.2
Prefix Reserved
See the version list below for details.
dotnet add package Kephas.Security --version 11.1.0-dev.2
NuGet\Install-Package Kephas.Security -Version 11.1.0-dev.2
<PackageReference Include="Kephas.Security" Version="11.1.0-dev.2" />
paket add Kephas.Security --version 11.1.0-dev.2
#r "nuget: Kephas.Security, 11.1.0-dev.2"
// Install Kephas.Security as a Cake Addin #addin nuget:?package=Kephas.Security&version=11.1.0-dev.2&prerelease // Install Kephas.Security as a Cake Tool #tool nuget:?package=Kephas.Security&version=11.1.0-dev.2&prerelease
Security
Introduction
This package provides abstractions and base building blocks for authentication, authorization, and cryptography.
Packages providing advanced cryptography:
Cryptography
The encryption service
Usage
// normally you would get the encryption service injected into the service constructor.
var encryptionService = injector.Resolve<IEncryptionService>();
var encrypted = encryptionService.Encrypt("my-password");
var decrypted = encryptionService.Decrypt(encrypted);
Assert.AreEqual("my-password", decrypted);
The hashing service
Authentication
The authentication service
Authorization
The authorization service
The authorization service is used to ensure that a certain context has the required authorization.
IAuthorizationService
This is a singleton application service contract providing a single method:
AuthorizeAsync(authContext: IAuthorizationContext, cancellationToken: CancellationToken = default): Task<bool>
IAuthorizationContext
An authorization context contains:
- Identity (inherited from the base
IContext
): the identity requesting authorization. - RequiredPermissions/RequiredPermissionTypes: the list of permissions to check.
- Scope (optional): a scope object for which the required permissions apply.
- ThrowOnFailure (default
true
): A boolean value indicating whether to throw on authorization failure. If <c>false</c> is indicated, the authorization check will return <c>false</c> upon failure, otherwise an exception will occur.
The permission system
Data must be protected from unauthorized access for different kind of reasons. Kephas brings the required support at multiple levels providing built-in services supporting multiple authorization scenarios.
Permissions
Permissions are basically string tokens required by certain operations in a given context. Permissions:
- may use an "inheritance" model, with the meaning that if a permission inherits another permission, both of them are granted to the role associated to them.
- can be scoped to entity hierarchies and further to entity sections, meaning that they are granted only within that specific scope.
Permissions have associated metadata collected by the model space. They may be defined using interfaces with multiple inheritance, or (abstract) classes annotated with [GrantPermission]
attributes. To define custom permissions, use the following steps:
- Define the type holding the permission metadata.
[PermissionType("admin")]
public interface IAdminPermission : ICrudPermission, IExportImportPermission
{
}
// alternative way using abstract classes.
[PermissionType("admin")]
[GrantsPermission(typeof(CrudPermission), typeof(ExportImportPermission))]
public abstract class AdminPermission
{
}
- Annotate the assembly/namespace containing the definitions with
[PermissionAssembly]
attribute.
[assembly: PermissionAssembly("MyApp.Security.Permissions")]
- Use the permission using its .NET type, typically in
[RequiresPermission]
or[SupportsPermission]
attributes. Alternatively, such attributes support also permission names (strings), but it is not that safe for refactorings.
/// <summary>
/// An export hierarchy message.
/// </summary>
[RequiresPermission(typeof(IExportImportPermission))]
public class ExportHierarchyMessage : EntityActionMessage
{
/// <summary>
/// Gets or sets the export media type to use.
/// </summary>
/// <value>
/// The export media type.
/// </value>
public string MediaType { get; set; }
}
Note: It may be more practical to use interfaces, because this way the inheritance hierarchy can be displayed in a class diagram. Anyway, the interface inheritance model and the grants model can be combined, having the same effect.
Scoping permissions
Permissions may indicate a certain application scope. This can be:
Global
: No scoping required for this permission type, it will be granted and verified at global level.Type
: The scope for this permission is the entity type.Instance
: The scope for this permission is the entity instance.
These values are flags which can be combined to provide multiple supported scenarios for a specific permission type.
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net5.0 was computed. net5.0-windows was computed. net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
.NET Core | netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
.NET Standard | netstandard2.1 is compatible. |
MonoAndroid | monoandroid was computed. |
MonoMac | monomac was computed. |
MonoTouch | monotouch was computed. |
Tizen | tizen60 was computed. |
Xamarin.iOS | xamarinios was computed. |
Xamarin.Mac | xamarinmac was computed. |
Xamarin.TVOS | xamarintvos was computed. |
Xamarin.WatchOS | xamarinwatchos was computed. |
-
.NETStandard 2.1
- Kephas.Injection (>= 11.1.0-dev.2)
- Kephas.Reflection (>= 11.1.0-dev.2)
-
net6.0
- Kephas.Injection (>= 11.1.0-dev.2)
- Kephas.Reflection (>= 11.1.0-dev.2)
NuGet packages (8)
Showing the top 5 NuGet packages that depend on Kephas.Security:
Package | Downloads |
---|---|
Kephas.Core
Aggregates the most used Kephas infrastructure to provide a . Typically used areas and classes/interfaces/services: - AmbientServices - Data: IIdGenerator, DefaultIdGenerator. Kephas Framework ("stone" in aramaic) aims to deliver a solid infrastructure for applications and application ecosystems. |
|
Kephas.Mail
Provides the abstract infrastructure for mailing. Typically used areas and classes/interfaces/services: - IEmailMessage, IEmailAddress, IEmailAttachment - Services: IEmailSenderService, ISystemEmailSenderService. Kephas Framework ("stone" in aramaic) aims to deliver a solid infrastructure for applications and application ecosystems. |
|
Kephas.Security.Permissions
Provides an infrastructure for permissions. Typically used areas and classes/interfaces/services: - IPermissionService. Kephas Framework ("stone" in aramaic) aims to deliver a solid infrastructure for applications and application ecosystems. |
|
Kephas.Application.Abstractions
Provides abstractions for the application infrastructure. Typically used areas and classes/interfaces/services: - Application management: IAppRuntime, StaticAppRuntime, DynamicAppRuntime, IAppLifecyclebehavior, AppIdentity. Kephas Framework ("stone" in aramaic) aims to deliver a solid infrastructure for applications and application ecosystems. |
|
Kephas.Security.Cryptography
Provides implementations for the cryptographic services. Typically used areas and classes/interfaces/services: - AesEncryptionService. Kephas Framework ("stone" in aramaic) aims to deliver a solid infrastructure for applications and application ecosystems. |
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last updated |
---|---|---|
11.1.0 | 17,708 | 4/13/2022 |
11.1.0-dev.4 | 155 | 4/6/2022 |
11.1.0-dev.3 | 148 | 3/30/2022 |
11.1.0-dev.2 | 140 | 3/23/2022 |
11.1.0-dev.1 | 132 | 3/23/2022 |
11.0.0 | 17,078 | 3/11/2022 |
11.0.0-dev.7 | 152 | 3/7/2022 |
11.0.0-dev.6 | 135 | 2/28/2022 |
11.0.0-dev.5 | 137 | 2/26/2022 |
11.0.0-dev.4 | 144 | 2/24/2022 |
11.0.0-dev.3 | 141 | 2/23/2022 |
11.0.0-dev.2 | 138 | 2/18/2022 |
11.0.0-dev.1 | 139 | 2/7/2022 |
10.3.0 | 16,391 | 1/18/2022 |
10.2.0 | 9,818 | 12/3/2021 |
10.1.0 | 13,987 | 11/23/2021 |
10.1.0-dev.7 | 192 | 11/17/2021 |
10.1.0-dev.6 | 170 | 11/16/2021 |
10.1.0-dev.5 | 169 | 11/10/2021 |
10.1.0-dev.4 | 189 | 11/8/2021 |
10.1.0-dev.3 | 152 | 11/8/2021 |
10.1.0-dev.2 | 169 | 11/4/2021 |
10.1.0-dev.1 | 169 | 11/3/2021 |
Please check https://github.com/kephas-software/kephas/releases for the change log.
Also check the documentation and the samples from https://github.com/kephas-software/kephas/wiki and https://github.com/kephas-software/kephas/tree/master/Samples.