Axletree.Utils.Authorization
1.0.0
dotnet add package Axletree.Utils.Authorization --version 1.0.0
NuGet\Install-Package Axletree.Utils.Authorization -Version 1.0.0
<PackageReference Include="Axletree.Utils.Authorization" Version="1.0.0" />
paket add Axletree.Utils.Authorization --version 1.0.0
#r "nuget: Axletree.Utils.Authorization, 1.0.0"
// Install Axletree.Utils.Authorization as a Cake Addin #addin nuget:?package=Axletree.Utils.Authorization&version=1.0.0 // Install Axletree.Utils.Authorization as a Cake Tool #tool nuget:?package=Axletree.Utils.Authorization&version=1.0.0
Axletree.Utils.Authorization
Extracts a second authorization token used to bind user claims into dynamic policies with a custom AuthorizationAttribute.
Target .Net 6
Configuration
Bind claims from second auth token
Put the middleware responsible to extract the user claims from the second token into the app pipeline in this order:
app.UseAuthentication();
app.UseMiddleware<AuthorizationMiddleware>();
app.UseAuthorization();
Inside the appSettings.json include a section Auth with the type of the claims inside this way.
"Auth": {
...
"ClaimSectionName": "[CLAIM TYPE]",
...
}
Claim values must be structured this way:
"[entity]:[permission]"
Token validation
It is always necessary to include a key to validate the token signature inside the auth section of the appSetting.json
"Auth": {
...
"AuthAppClientSecret": "[Secret key]",
...
}
It can also be set to validate: -Issuer -Audience -Lifetime
Example Json:
"Auth": {
"ClaimSectionName": "[CLAIM TYPE]",
"AuthAppClientSecret": "[Secret key]",
"ValidateLifetime": "true",
"ValidateAudience": "false"
}
Add dynamic Policy provider
In Program.cs include
builder.Services.AddSingleton<IAuthorizationHandler, PermissionHandler>();
builder.Services.AddSingleton<IAuthorizationPolicyProvider, PermissionAuthorizationPolicyProvider>();
To replace default policy providers and default authorization handler. If the PermissionAuthorizeAttribute() is not used it falls back to default policy.
Usage
[Authorize]
public class SomethingController : BaseApiController
{
[HttpGet]
[PermissionAuthorizeAttribute("something","read")]
public IActionResult Get()
{
...
}
[HttpGet]
[PermissionAuthorizeAttribute("something", PermissionOperatorEnum.AND, new string[]{"read", "write"})]
public IActionResult Create()
{
...
}
}
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
-
net6.0
- Microsoft.AspNetCore.Authorization (>= 6.0.5)
- Microsoft.AspNetCore.Http.Abstractions (>= 2.2.0)
- Microsoft.Extensions.Configuration.Abstractions (>= 6.0.0)
- Microsoft.IdentityModel.Tokens (>= 6.18.0)
- System.IdentityModel.Tokens.Jwt (>= 6.18.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last updated |
|---|---|---|
| 1.0.0 | 231 | 5/30/2022 |