MasLazu.AspNet.ApiKey.Abstraction
1.0.0-preview.1
This is a prerelease version of MasLazu.AspNet.ApiKey.Abstraction.
dotnet add package MasLazu.AspNet.ApiKey.Abstraction --version 1.0.0-preview.1
NuGet\Install-Package MasLazu.AspNet.ApiKey.Abstraction -Version 1.0.0-preview.1
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="MasLazu.AspNet.ApiKey.Abstraction" Version="1.0.0-preview.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="MasLazu.AspNet.ApiKey.Abstraction" Version="1.0.0-preview.1" />
<PackageReference Include="MasLazu.AspNet.ApiKey.Abstraction" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add MasLazu.AspNet.ApiKey.Abstraction --version 1.0.0-preview.1
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: MasLazu.AspNet.ApiKey.Abstraction, 1.0.0-preview.1"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#:package MasLazu.AspNet.ApiKey.Abstraction@1.0.0-preview.1
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.
#addin nuget:?package=MasLazu.AspNet.ApiKey.Abstraction&version=1.0.0-preview.1&prerelease
#tool nuget:?package=MasLazu.AspNet.ApiKey.Abstraction&version=1.0.0-preview.1&prerelease
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
MasLazu.AspNet.ApiKey.Abstraction
A clean abstraction layer for API key management, providing contracts and data models for secure API key lifecycle management.
Overview
This project defines the core interfaces and data transfer objects for API key management functionality. It serves as the foundation for implementing API key services in ASP.NET Core applications.
Features
- ✅ API Key Management: Complete CRUD operations for API keys
- ✅ Permission Scopes: Granular permission management through scopes
- ✅ Key Rotation: Secure key regeneration capabilities
- ✅ Validation: Built-in API key validation with permission checking
- ✅ Audit Trail: Tracking of key usage and lifecycle events
- ✅ Type Safety: Strongly-typed models with nullable reference types
Core Interfaces
IApiKeyService
Primary interface for API key management operations:
public interface IApiKeyService : ICrudService<ApiKeyDto, CreateApiKeyRequest, UpdateApiKeyRequest>
{
Task RevokeAsync(Guid userId, Guid apiKeyId, CancellationToken cancellationToken = default);
Task<ApiKeyDto> RotateAsync(Guid userId, Guid apiKeyId, CancellationToken cancellationToken = default);
Task<bool> ValidateAsync(ValidateApiKeyRequest request, CancellationToken cancellationToken = default);
Task RevokeAllForUserAsync(Guid userId, CancellationToken cancellationToken = default);
Task UpdateLastUsedAsync(Guid userId, Guid apiKeyId, CancellationToken cancellationToken = default);
Task<IEnumerable<ApiKeyDto>> GetByUserIdAsync(Guid userId, CancellationToken cancellationToken = default);
}
IApiKeyScopeService
Interface for managing permission scopes:
public interface IApiKeyScopeService : ICrudService<ApiKeyScopeDto, CreateApiKeyScopeRequest, UpdateApiKeyScopeRequest>
{
Task<ApiKeyScopeDto> AddScopeAsync(Guid userId, ApiKeyScopeRequest request, CancellationToken cancellationToken = default);
Task RemoveScopeAsync(Guid userId, ApiKeyScopeRequest request, CancellationToken cancellationToken = default);
}
Data Models
ApiKeyDto
Complete representation of an API key:
public record ApiKeyDto(
Guid Id,
Guid UserId,
string Key,
string? Name,
DateTimeOffset? ExpiresDate,
DateTimeOffset? LastUsed,
DateTimeOffset? RevokedDate,
DateTimeOffset CreatedAt,
DateTimeOffset? UpdatedAt
) : BaseDto(Id, CreatedAt, UpdatedAt);
ApiKeyScopeDto
Represents a permission scope for an API key:
public record ApiKeyScopeDto(
Guid Id,
Guid ApiKeyId,
Guid PermissionId,
DateTimeOffset CreatedAt,
DateTimeOffset? UpdatedAt
) : BaseDto(Id, CreatedAt, UpdatedAt);
Request Models
CreateApiKeyRequest
public record CreateApiKeyRequest(
Guid UserId,
string? Name,
DateTime? ExpiresDate
);
UpdateApiKeyRequest
public record UpdateApiKeyRequest(
Guid Id,
string? Name,
DateTime? ExpiresDate,
DateTime? RevokedDate
) : BaseUpdateRequest(Id);
ValidateApiKeyRequest
public record ValidateApiKeyRequest(
string Key,
Guid? PermissionId
);
Dependencies
- .NET 9.0
- MasLazu.AspNet.Framework.Application (1.0.0-preview.6)
Dependencies Diagram
graph TD
A[MasLazu.AspNet.ApiKey.Abstraction] --> B[MasLazu.AspNet.Framework.Application]
Usage
Service Registration
builder.Services.AddScoped<IApiKeyService, ApiKeyService>();
builder.Services.AddScoped<IApiKeyScopeService, ApiKeyScopeService>();
Basic Operations
// Create API key
var request = new CreateApiKeyRequest(userId, "My API Key", DateTime.UtcNow.AddDays(30));
var apiKey = await apiKeyService.CreateAsync(userId, request);
// Validate API key
var isValid = await apiKeyService.ValidateAsync(new ValidateApiKeyRequest("api-key", permissionId));
// Rotate API key
var rotatedKey = await apiKeyService.RotateAsync(userId, apiKey.Id);
Project Structure
MasLazu.AspNet.ApiKey.Abstraction/
├── Interfaces/
│ ├── IApiKeyService.cs
│ └── IApiKeyScopeService.cs
├── Models/
│ ├── ApiKeyDto.cs
│ ├── ApiKeyScopeDto.cs
│ ├── CreateApiKeyRequest.cs
│ ├── CreateApiKeyScopeRequest.cs
│ ├── UpdateApiKeyRequest.cs
│ ├── UpdateApiKeyScopeRequest.cs
│ ├── ApiKeyScopeRequest.cs
│ └── ValidateApiKeyRequest.cs
└── MasLazu.AspNet.ApiKey.Abstraction.csproj
Key Methods
API Key Operations
CreateAsync()- Create new API keyGetByIdAsync()- Retrieve API key by IDUpdateAsync()- Update API key propertiesDeleteAsync()- Delete API keyRevokeAsync()- Revoke API keyRotateAsync()- Generate new key valueValidateAsync()- Validate key and permissionsRevokeAllForUserAsync()- Revoke all keys for userGetByUserIdAsync()- Get all keys for user
Scope Operations
CreateAsync()- Create new scopeGetByIdAsync()- Retrieve scope by IDUpdateAsync()- Update scope propertiesDeleteAsync()- Delete scopeAddScopeAsync()- Add permission to API keyRemoveScopeAsync()- Remove permission from API key
Design Principles
- Interface Segregation: Focused, single-responsibility interfaces
- Dependency Inversion: Abstractions over concretions
- Type Safety: Strong typing with nullable reference types
- Async Support: Full async/await with cancellation tokens
- Clean Contracts: Well-defined method signatures and return types
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net9.0 is compatible. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net9.0
- MasLazu.AspNet.Framework.Application (>= 1.0.0-preview.6)
NuGet packages (2)
Showing the top 2 NuGet packages that depend on MasLazu.AspNet.ApiKey.Abstraction:
| Package | Downloads |
|---|---|
|
MasLazu.AspNet.ApiKey
Core service layer for MasLazu ASP.NET API Key management. Contains service implementations for API key operations. |
|
|
MasLazu.AspNet.ApiKey.Endpoint
API endpoints for MasLazu ASP.NET API Key management. Contains REST API endpoints using FastEndpoints. |
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last Updated |
|---|---|---|
| 1.0.0-preview.1 | 89 | 9/20/2025 |
See RELEASES.md for release notes.