Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/authress/authress-sdk.cs
The Authress SDK for C# provides authorization as a service with fully compatible REST apis.
https://github.com/authress/authress-sdk.cs
authentication authorization authorization-backend authorization-framework authorization-middleware authorization-server authress nuget security
Last synced: 2 months ago
JSON representation
The Authress SDK for C# provides authorization as a service with fully compatible REST apis.
- Host: GitHub
- URL: https://github.com/authress/authress-sdk.cs
- Owner: Authress
- License: apache-2.0
- Created: 2020-04-30T13:18:51.000Z (over 4 years ago)
- Default Branch: release/2.0
- Last Pushed: 2024-11-05T09:36:33.000Z (3 months ago)
- Last Synced: 2024-11-05T09:51:38.278Z (3 months ago)
- Topics: authentication, authorization, authorization-backend, authorization-framework, authorization-middleware, authorization-server, authress, nuget, security
- Language: C#
- Homepage: https://authress.io/app/#/api
- Size: 227 KB
- Stars: 6
- Watchers: 5
- Forks: 4
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: contributing.md
- License: LICENSE
Awesome Lists containing this project
README
# Authress SDK for C#
This is the Authress SDK for C#. Authress provides an authorization API for user identity, access control, and api key management as a drop in SaaS.
The Nuget package connects to the [Authress API](https://authress.io/app/#/api). You can use Authress to build authentication and authorization directly into your applications and services. Additionally, Authress can be used locally to develop faster without needing an [Authress Account](https://authress.io)
## Usage
You can either directly install the Authress SDK directly into your current application or checkout the [Authress C# Starter Kit](https://github.com/Authress/csharp-starter-kit#authress-starter-kit-c--net-asp-mvc).
Installation:
* run: `dotnet add Authress.SDK` (or install via visual tools)
#### Verify Authress JWT
The recommended solution is to use the C# built in OpenID provider by Microsoft. An example implementation is available in the [Authress C# Starter Kit](https://github.com/Authress/csharp-starter-kit/blob/main/src/Program.cs#L35). However, in some cases you might need to parse the JWT directly and verify it for use in serverless functions.
```csharp
using Authress.SDK;
// Get an authress custom domain: https://authress.io/app/#/settings?focus=domain
var authressSettings = new AuthressSettings { AuthressApiUrl = "https://authress.company.com", };
var authressClient = new AuthressClient(tokenProvider, authressSettings)
var verifiedUserIdentity = await authressClient.VerifyToken(jwtToken);
Console.WriteLine($"User ID: {verifiedUserIdentity.UserId}");
```
#### Authorize users using user identity token
```csharp
using Authress.SDK;
namespace Microservice
{
public class Controller
{
public static async void Route()
{
// automatically populate forward the users token
// 1. instantiate all the necessary classes (example using ASP.NET or MVC, but any function works)
// If using the HttpContextAccessor, register it first inside the application root
// services.TryAddSingleton();
var tokenProvider = new DynamicTokenProvider(() =>
{
// Then get the access token from the incoming API request and return it
var httpContextAccessor = ServiceProvider.GetRequiredService();
var accessToken = await httpContextAccessor.HttpContext.GetTokenAsync("Bearer", "access_token");
return accessToken;
});
// Get an authress custom domain: https://authress.io/app/#/settings?focus=domain
var authressSettings = new AuthressSettings { AuthressApiUrl = "https://authress.company.com", };
var authressClient = new AuthressClient(tokenProvider, authressSettings);
// 2. At runtime attempt to Authorize the user for the resource
await authressClient.AuthorizeUser("USERID", "RESOURCE_URI", "PERMISSION");
// API Route code
// ...
}
}
}
```
#### Authorize using an explicitly set token each time
```csharp
using Authress.SDK;
namespace Microservice
{
public class Controller
{
public static async void Route()
{
// automatically populate forward the users token
// 1. instantiate all the necessary classes
var tokenProvider = new ManualTokenProvider();
var authressSettings = new AuthressSettings { AuthressApiUrl = "https://DOMAIN.api.authress.io", };
var authressClient = new AuthressClient(tokenProvider, authressSettings);
// 2. At runtime attempt to Authorize the user for the resource
tokenProvider.setToken(userJwt);
await authressClient.AuthorizeUser("USERID", "RESOURCE_URI", "PERMISSION");
// API Route code
// ...
}
}
}
```
#### Authorize users using client secret
```csharp
using Authress.SDK;
namespace Microservice
{
public class Controller
{
public static async void Route()
{
// accessKey is returned from service client creation in Authress UI
// 1. instantiate all the necessary classes
var accessKey = 'ACCESS_KEY';
// Assuming it was encrypted in storage, decrypt it
var decodedAccessKey = decrypt(accessKey);
var tokenProvider = new AuthressClientTokenProvider(decodedAccessKey);
// Get an authress custom domain: https://authress.io/app/#/settings?focus=domain
var authressSettings = new AuthressSettings { AuthressApiUrl = "https://authress.company.com", };
var authressClient = new AuthressClient(tokenProvider, authressSettings);
// Attempt to Authorize the user for the resource
// 2. At runtime the token provider will automatically pull the token forward
await authressClient.AuthorizeUser("USERID", "RESOURCE_URI", "PERMISSION");
// API Route code
// ...
}
}
}
```
### Contribution guidelines for the Authress SDK
[Contribution guidelines](./contributing.md)