{"id":23122848,"url":"https://github.com/wissance/authorization","last_synced_at":"2025-08-17T03:30:58.271Z","repository":{"id":43727081,"uuid":"421435447","full_name":"Wissance/Authorization","owner":"Wissance","description":"An unofficial adapters to use KeyCloak as Authentication and Authorization server","archived":false,"fork":false,"pushed_at":"2023-11-11T14:01:35.000Z","size":1756,"stargazers_count":6,"open_issues_count":6,"forks_count":1,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-12-06T03:29:46.595Z","etag":null,"topics":["aspnet-identity","aspnetcore","authentication","jwt-authentication","keycloak","keycloak-authenticator","keycloak-net","keycloak-net-core","oauth2","openidconnect"],"latest_commit_sha":null,"homepage":"https://wissance.github.io/Authorization/","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Wissance.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-10-26T13:26:20.000Z","updated_at":"2023-10-20T21:40:19.000Z","dependencies_parsed_at":"2023-01-17T21:02:19.328Z","dependency_job_id":null,"html_url":"https://github.com/Wissance/Authorization","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Wissance%2FAuthorization","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Wissance%2FAuthorization/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Wissance%2FAuthorization/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Wissance%2FAuthorization/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Wissance","download_url":"https://codeload.github.com/Wissance/Authorization/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":230080775,"owners_count":18169619,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aspnet-identity","aspnetcore","authentication","jwt-authentication","keycloak","keycloak-authenticator","keycloak-net","keycloak-net-core","oauth2","openidconnect"],"created_at":"2024-12-17T07:31:02.855Z","updated_at":"2024-12-17T07:31:09.254Z","avatar_url":"https://github.com/Wissance.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Wissance.Authorization Project\n![GitHub code size in bytes](https://img.shields.io/github/languages/code-size/wissance/Authorization?style=plastic) \n![GitHub issues](https://img.shields.io/github/issues/wissance/Authorization?style=plastic)\n![GitHub Release Date](https://img.shields.io/github/release-date/wissance/Authorization) \n![GitHub release (latest by date)](https://img.shields.io/github/downloads/wissance/Authorization/v1.1.4/total?style=plastic)\n\n![LabWatcher: is automated Mossbauer laboratory control toolset](/img/cover.png)\n\nC# class library that helps to add authorization into **any** type of applycation (`Web`, `Desktop` and others easily). Supports `OpenId-Connect` `private` and `public` authentication using ***token* ** and ***authorization code*** flows in `KeyCloak`. Works with any version of `KeyCloak`, supporting old platforms (**netcore 3.1+**, **netstandard2.0+**).\n\n\n## Functionality\n* Easily integrate **KeyCloak as authorization server** into any application (`Web`, `Desktop` or `Console`)\n* Protect **swagger with KeyCloak** Authorization\n\n## Example of usage\n### 1. Authentication \u0026 Authorization on Keycloak\n\ndon't forget to add this usage:\n```csharp\nusing Wissance.Authorization.Config;\nusing Wissance.Authorization.Extensions;\n```\n\nIn my Startup.cs i have _ConfigureService_ method that calls ConfigureWeb:\n```csharp\npublic void ConfigureServices(IServiceCollection services)\n{\n     // Configure subsystems before ...\n     ConfigureWeb(services);\n     // Configure subsystems after ...\n}\n\n// ...\n\nprivate void ConfigureWeb(IServiceCollection services)\n{\n     // ...\n     // Authorization, here we need only config which is very simple, see KeyCloakAuthenticator tests\n     KeyCloakServerConfig authConfig = BuildKeyCloakConfig();\n     services.AddKeyCloak(authConfig);\n     // ...\n}\n\n// don't forget to add Authentication \u0026 Authorization in Configure function, like this:\n\npublic void Configure(IApplicationBuilder app, IWebHostEnvironment env)\n{\n    // ...\n    app.UseAuthentication();\n    // app.UseHttpsRedirection();\n\n    app.UseRouting();\n\n    app.UseAuthorization();\n\n    app.UseEndpoints(endpoints =\u003e { endpoints.MapControllers(); });\n    //...\n}\n\n```\n\nif you would like to just `Restrict` access to you controllers to only Autenticated users (without Claims check) your could add following (i suppose that Controllers configuretion is implemented in upper mentioned `ConfigureWeb(IServiceCollection services)` method:\n\n```csharp\nservices.AddControllers(config =\u003e\n{\n    AuthorizationPolicy policy = new AuthorizationPolicyBuilder()\n                                    .RequireAuthenticatedUser()\n                                    .Build();\n    config.Filters.Add(new AuthorizeFilter(policy));\n});\n```\nthis requires to add a couple of using:\n\n```csharp\nusing Microsoft.AspNetCore.Authorization;\nusing Microsoft.AspNetCore.Mvc.Authorization;\n```\n\nIf you would like to use Role-based acces to controllers (we form Roles property (propper mapper have to be configured on a KeyCloak side)) use `[Authorize]` attribute on controllers, i.e.\n```csharp\nusing Microsoft.AspNetCore.Mvc;\nusing Microsoft.AspNetCore.Authorization;\n\n[ApiController]\n[Authorize(Roles = \"user\")]\n public class MyController : ControllerBase\n{\n    // ...\n}\n```\n\n### 2. Use swagger under Authorization\n\nSee the structure of Startup class in part related to Keycloak, so to configure Swagger with Keycloak add following line to you `ConfigureWeb(IServiceCollection services` method:\n\n```csharp\nIDictionary\u003cstring, string\u003e scopes = _authConfig.Scopes.Select(s =\u003e s).ToDictionary(k =\u003e k, v =\u003e v);\nAction\u003cSwaggerGenOptions\u003e generalOptionSwaggerConfigure = options =\u003e\n{\n    options.MapType\u003cTimeSpan\u003e(() =\u003e new OpenApiSchema\n    {\n        Type = \"string\",\n        Example = new OpenApiString(\"00:00:00\")\n     });\n};\nservices.AddSwaggerWithKeyCloakPasswordAuthentication(authConfig, generalOptionSwaggerConfigure, scopes);\n```\n\nand to `Configure(IApplicationBuilder app, IWebHostEnvironment env)` method:\n\n```csharp\n   app.UseSwaggerWithKeyCloakAuthentication(\"Wissance.BusinessTools\", BuildKeyCloakConfig(), _authConfig.Scopes);\n```\n\n`_authConfig.Scopes` is array of strings (public string[] Scopes { get; set; }), by default _**Keycloak**_ works with _**profile**_ scope.\nvar Scopes = new string[]{\"profile\"};\n\n!!! DON'T forget to add * or your app base URI i.e. http://localhost:8421/* to **WebOrigin of Keycloak client settings** (subscribe to our medium because we are writing interesting articles and in particular about Authorization and Keycloak usage aspects: https://m-ushakov.medium.com/)\n\n_Additional docs with images with examples will be soon_.\n\n## Nuget package\nhttps://www.nuget.org/packages/Wissance.Authorization/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwissance%2Fauthorization","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwissance%2Fauthorization","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwissance%2Fauthorization/lists"}