Skip to content

Informatievlaanderen/basisregisters-acmidm

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

86 Commits
.config
.config
 
 
.github
.github
 
 
.paket
.paket
 
 
identityserver
identityserver
 
 
samples
samples
 
 
src
src
 
 
test/Be.Vlaanderen.Basisregisters.Auth.Tests
test/Be.Vlaanderen.Basisregisters.Auth.Tests
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
Be.Vlaanderen.Basisregisters.Auth.sln
Be.Vlaanderen.Basisregisters.Auth.sln
 
 
Be.Vlaanderen.Basisregisters.Auth.sln.DotSettings
Be.Vlaanderen.Basisregisters.Auth.sln.DotSettings
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
global.json
global.json
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
paket.dependencies
paket.dependencies
 
 
paket.lock
paket.lock
 
 

Repository files navigation

Basisregisters ACM/IDM Build Status

ACM/IDM utilities for C#

Adds authentication and authorization to your ASP.NET API following the OAuth2 Client Credentials Grant using ACM/IDM as identity provider. More information of the OAuth2 flow implemented can be found here (Dutch).

https://www.nuget.org/packages?q=Be.Vlaanderen.Basisregisters.Auth.AcmIdm

How to use?

Web Api sample

The web API sample uses ASP.NET controllers and the nuget Be.Vlaanderen.Basisregisters.Api package to perform service and middleware registrations. I.a. the nuget package provides a middleware hook to register your authorization policies.

To add ACM/IDM based authentication/authorization following the OAuth2 Client Credentials grant, you have to perform following registrations:

  1. Call IServiceCollection.AddAcmIdmAuthentication in StartUp
  2. Hook into the Be.Vlaanderen.Basisregisters.Api middleware as following: MiddlewareHooks.Authorization -> options.AddAcmIdmAuthorization
  3. You need a separate registration of the used IAuthorizationHandler, namely RequiredScopesAuthorizationHandler.
  4. Use the Authorize attribute on your controller or controller methods as illustrated below:

[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme, Policy = PolicyNames.AcmIdmPolicy)] public class SecretController : ControllerBase

Minimal API sample

The minimal API sample doesn't make use of nuget package Be.Vlaanderen.Basisregisters.Api. And its service registrations are more straightforward.

It suffices to use the following extension methods on IServiceCollection:

  • AddAcmIdmAuthentication
  • AddAcmIdmAuthorization

Followed by using authentication/authorization on the WebApplication:

  • app.UseAuthentication();
  • app.UseAuthorization();

On your mapped HTTP methods, you can then call RequireAuthorization(PolicyNames.AcmIdmPolicy)

Docker Compose files

The repository includes two docker-compose files. The first is located at the root of the repo and is used to manually test the above described samples.

The second docker-compose file is located under test\Be.Vlaanderen.Basisregisters.Auth.Tests.ContainerHelper under the name identityserverfake_test.yml. This file is used to run the integration tests.

Both files run a docker image provided by the identity-server-fake repo. The fake identity server is configured by the acm.json files under \identityserver next to the docker-compose files.

About

ACM/IDM utilities for C#

www.nuget.org/packages?q=Be.Vlaanderen.Basisregisters.Auth.AcmIdm

Topics

base-registries base-registries-component

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 22

v3.2.0 Latest
Nov 4, 2024
+ 21 releases

Packages

No packages published

Contributors 7

Languages