Be.Auto.Authentication.Keycloak.Role
1.0.1
dotnet add package Be.Auto.Authentication.Keycloak.Role --version 1.0.1
NuGet\Install-Package Be.Auto.Authentication.Keycloak.Role -Version 1.0.1
<PackageReference Include="Be.Auto.Authentication.Keycloak.Role" Version="1.0.1" />
paket add Be.Auto.Authentication.Keycloak.Role --version 1.0.1
#r "nuget: Be.Auto.Authentication.Keycloak.Role, 1.0.1"
// Install Be.Auto.Authentication.Keycloak.Role as a Cake Addin #addin nuget:?package=Be.Auto.Authentication.Keycloak.Role&version=1.0.1 // Install Be.Auto.Authentication.Keycloak.Role as a Cake Tool #tool nuget:?package=Be.Auto.Authentication.Keycloak.Role&version=1.0.1
ASP.NET Core Keycloak Integration
Overview
This project provides seamless integration between ASP.NET Core Razor Pages and Controllers with Keycloak authentication, specifically focusing on role-based authorization. The KeycloakAsyncAuthorizationFilter allows for automatic discovery of Razor Pages and Controllers, automatically adding them as roles in the Keycloak server. With this filter, you can use the [Authorize] attribute without explicitly specifying roles, enabling automatic role-based validation.
Installation
To use this integration, follow these steps:
Add the
KeycloakAsyncAuthorizationFilterto the service collection in theStartup.csfile:builder.Services.AddRazorPages().AddMvcOptions(t => { t.Filters.Add<KeycloakAsyncAuthorizationFilter>(); }); builder.Services.AddAuthentication(options => { options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme; }) .AddCookie(options => { options.Cookie.Name = "Test"; options.SlidingExpiration = true; }) .AddOpenIdConnect(options => { options.Authority = "http://localhost:8080/realms/master"; options.ClientId = "test-client"; options.ClientSecret = "85dFFVJ9zIghgWJQFaKKfxEIStt22vYG"; options.ResponseType = "code"; options.SaveTokens = false; options.Scope.Add("openid"); options.UsePkce = true; options.CallbackPath = "/signin-oidc"; options.SignedOutCallbackPath = "/signout-callback-oidc"; options.TokenValidationParameters = new TokenValidationParameters { NameClaimType = "name", RoleClaimType = ClaimTypes.Role, }; options.RequireHttpsMetadata = false; });If you are in a development environment, use the
MigrateKeycloakRolesmethod to automatically migrate Razor Pages and Controllers to Keycloak roles. Specify your Keycloak server details in the provided options:if (app.Environment.IsDevelopment()) { app.MigrateKeycloakRoles(option => { option.KeycloakUrl = "http://localhost:8080"; option.AdminClientId = "admin-cli"; option.AdminRealm = "master"; option.AdminClientSecret = "pMlTGidScso7dQ27AFY4DXczO8Baegtr"; option.ClientId = "test-client"; option.ClientRealm = "master"; option.AdminScope = null; }); }
Usage
Once the integration is set up, you can use the [Authorize] attribute without specifying roles explicitly. The roles will be automatically mapped based on your Razor Pages and Controllers.
Roles are created in the following format.
Controllers.User.Createuser
Controllers.User.DeleteUser
Controllers.User.GetUser
Controllers.User.UpdateUser
Pages.Privacy
[Authorize]
[Route("/user")]
public class UserController : ControllerBase
{
[HttpGet("/get-user")]
public string GetUser()
{
return "Success";
}
[HttpGet("/create-user")]
public string Createuser()
{
return "Success";
}
[HttpGet("/update-user")]
public string UpdateUser()
{
return "Success";
}
[HttpGet("/delete-user")]
public string DeleteUser()
{
return "Success";
}
}
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
-
net8.0
- Schick.Keycloak.RestApiClient (>= 22.0.3)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Bug fix