Keycloak.AuthServices.Aspire.Hosting 0.1.0-preview1

Prefix Reserved
This is a prerelease version of Keycloak.AuthServices.Aspire.Hosting.
There is a newer version of this package available.
See the version list below for details.
dotnet add package Keycloak.AuthServices.Aspire.Hosting --version 0.1.0-preview1                
NuGet\Install-Package Keycloak.AuthServices.Aspire.Hosting -Version 0.1.0-preview1                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Keycloak.AuthServices.Aspire.Hosting" Version="0.1.0-preview1" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Keycloak.AuthServices.Aspire.Hosting --version 0.1.0-preview1                
#r "nuget: Keycloak.AuthServices.Aspire.Hosting, 0.1.0-preview1"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Keycloak.AuthServices.Aspire.Hosting as a Cake Addin
#addin nuget:?package=Keycloak.AuthServices.Aspire.Hosting&version=0.1.0-preview1&prerelease

// Install Keycloak.AuthServices.Aspire.Hosting as a Cake Tool
#tool nuget:?package=Keycloak.AuthServices.Aspire.Hosting&version=0.1.0-preview1&prerelease                

Keycloak.AuthServices

Discord Build CodeQL NuGet contributionswelcome Conventional Commits License

Easy Authentication and Authorization with Keycloak in .NET.

Package Version Description
Keycloak.AuthServices.Authentication Nuget Keycloak Authentication JWT + OICD
Keycloak.AuthServices.Authorization Nuget Authorization Services. Use Keycloak as authorization server
Keycloak.AuthServices.Sdk Nuget HTTP API integration with Keycloak
Keycloak.AuthServices.Sdk.Kiota Nuget HTTP API integration with Keycloak based on OpenAPI

GitHub Actions Build History

Documentation

See the docs: https://nikiforovall.github.io/keycloak-authorization-services-dotnet

Getting Started

Install packages:

dotnet add package Keycloak.AuthServices.Authentication
dotnet add package Keycloak.AuthServices.Common
// Program.cs
using Keycloak.AuthServices.Authentication; 

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddKeycloakWebApiAuthentication(builder.Configuration); 
builder.Services.AddAuthorization(); 

var app = builder.Build();

app.UseAuthentication(); 
app.UseAuthorization(); 

app.MapGet("/", () => "Hello World!").RequireAuthorization(); 

app.Run();

In this example, configuration is based on appsettings.json.

//appsettings.json
{
    "Keycloak": {
        "realm": "Test",
        "auth-server-url": "http://localhost:8080/",
        "ssl-required": "none",
        "resource": "test-client",
        "verify-token-audience": false,
        "credentials": {
        "secret": ""
        },
        "confidential-port": 0
    }
}

Example - Add Authorization

With Keycloak.AuthServices.Authorization, you can implement role-based authorization in your application. This package allows you to define policies based on roles. Also, you can use Keycloak as Authorization Server. It is a powerful way to organize and apply authorization polices centrally.

var builder = WebApplication.CreateBuilder(args);

var host = builder.Host;
var configuration = builder.Configuration;
var services = builder.Services;

services.AddKeycloakWebApiAuthentication(configuration);

services.AddAuthorization(options =>
    {
        options.AddPolicy("AdminAndUser", builder =>
        {
            builder
                .RequireRealmRoles("User") // Realm role is fetched from token
                .RequireResourceRoles("Admin"); // Resource/Client role is fetched from token
        });
    })
    .AddKeycloakAuthorization(configuration);

var app = builder.Build();

app.UseAuthentication();
app.UseAuthorization();

app.MapGet("/hello", () => "[]")
    .RequireAuthorization("AdminAndUser");

app.Run();

Example - Invoke Admin API

var services = new ServiceCollection();
services.AddKeycloakAdminHttpClient(new KeycloakAdminClientOptions
{
    AuthServerUrl = "http://localhost:8080/",
    Realm = "master",
    Resource = "admin-api",
});

var sp = services.BuildServiceProvider();
var client = sp.GetRequiredService<IKeycloakRealmClient>();

var realm = await client.GetRealmAsync("Test");

Build and Development

dotnet cake --target build

dotnet cake --target test

dotnet pack -o ./Artefacts

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories (1)

Showing the top 1 popular GitHub repositories that depend on Keycloak.AuthServices.Aspire.Hosting:

Repository Stars
NikiforovAll/keycloak-authorization-services-dotnet
Authentication and Authorization with Keycloak and ASP.NET Core 🔐
Version Downloads Last updated
0.1.0 3,597 6/2/2024
0.1.0-preview1 345 6/1/2024