Oc6.Auth.AspNetCore 1.0.3
Auth
Authentication library for ASP.NET Core applications providing multiple authentication schemes with a unified attribute-based authorization approach.
Overview
This module provides a flexible authentication framework that supports multiple authentication schemes including API Key and Oc6Auth (cookie-based). It includes a flag-based system for specifying authentication schemes and a custom authorize attribute for easy endpoint protection.
Classes
Consts
Static class containing constant values for authentication endpoints.
Constants
ValidateLoginEndpoint: The endpoint path for validating authentication status.- Value:
"/validate-auth"
- Value:
Example:
// The constant can be used to reference the validation endpoint
var endpoint = Consts.ValidateLoginEndpoint; // "/validate-auth"
Oc6AuthSchemeFlag
Flag-based enumeration for specifying authentication schemes. Multiple schemes can be combined using bitwise operations.
Values
ApiKey: API Key authentication scheme (value:0b00000000000000000000000000000001)Oc6Auth: Oc6Auth cookie-based authentication scheme (value:0b00000000000000000000000000000010)
Example:
// Single scheme
var apiKeyOnly = Oc6AuthSchemeFlag.ApiKey;
// Multiple schemes using bitwise OR
var bothSchemes = Oc6AuthSchemeFlag.ApiKey | Oc6AuthSchemeFlag.Oc6Auth;
Oc6AuthorizeAttribute
Custom authorization attribute that allows specifying one or more authentication schemes using the Oc6AuthSchemeFlag enum.
Inherits: AuthorizeAttribute
Constructor
Oc6AuthorizeAttribute(Oc6AuthSchemeFlag schemes): Creates an authorize attribute with the specified authentication schemes.
Example:
// Protect endpoint with API Key authentication only
[Oc6Authorize(Oc6AuthSchemeFlag.ApiKey)]
[HttpGet("api/data")]
public IActionResult GetData()
{
return Ok("Protected data");
}
// Protect endpoint with multiple authentication schemes
[Oc6Authorize(Oc6AuthSchemeFlag.ApiKey | Oc6AuthSchemeFlag.Oc6Auth)]
[HttpGet("api/admin")]
public IActionResult AdminEndpoint()
{
return Ok("Admin access");
}
// Apply to entire controller
[Oc6Authorize(Oc6AuthSchemeFlag.Oc6Auth)]
public class UserController : ControllerBase
{
// All endpoints require Oc6Auth authentication
}
WebApplicationExtensions
Extension methods for WebApplication to add authentication validation endpoints.
Methods
UseValidateLoginEndpoint(WebApplication application, Oc6AuthSchemeFlag schemes)
Adds an endpoint at /validate-auth that validates if the current user is authenticated using the specified schemes.
Parameters:
application: The web applicationschemes: Authentication schemes to require for the endpoint
Returns: The modified WebApplication
Response:
- 200 OK with
IdentityDtoif authenticated - 401 Unauthorized if not authenticated
IdentityDto Properties:
IsAuthenticated(bool): Whether the user is authenticatedAuthenticationType(string?): The authentication type usedName(string?): The authenticated user's name
Example:
var builder = WebApplication.CreateBuilder(args);
// Configure services
builder.Services.AddApiKeyAuthentication(builder.Configuration);
builder.Services.AddOc6Auth(
connectionString: builder.Configuration.GetConnectionString("DefaultConnection")!,
environment: builder.Environment,
disableAutomaticKeyGeneration: true
);
var app = builder.Build();
// Add validation endpoint
app.UseAuthentication();
app.UseAuthorization();
app.UseValidateLoginEndpoint(Oc6AuthSchemeFlag.ApiKey | Oc6AuthSchemeFlag.Oc6Auth);
app.Run();
// Client usage - checking authentication status
// GET /validate-auth
// Headers: X-Api-Key: your-api-key
// Response (200 OK): { "isAuthenticated": true, "authenticationType": "ApiKey", "name": "System" }
Authentication Schemes
This module provides two authentication schemes:
ApiKey Authentication
See ApiKey/README.md for detailed documentation on API Key authentication including:
ApiKeyAuthenticationHandlerApiKeyConfigApiKeyConstantsApiKeyServiceCollectionExtension
Oc6Auth Authentication
See Oc6Auth/README.md for detailed documentation on Oc6Auth cookie-based authentication including:
Oc6AuthConstantsOc6AuthDbContextIServiceCollectionExtensions
Complete Usage Example
1. Configure Services
var builder = WebApplication.CreateBuilder(args);
// Add API Key authentication
builder.Services.AddApiKeyAuthentication(builder.Configuration);
// Add Oc6Auth cookie authentication
builder.Services.AddOc6Auth(
connectionString: builder.Configuration.GetConnectionString("DefaultConnection")!,
environment: builder.Environment,
disableAutomaticKeyGeneration: true
);
// Add controllers
builder.Services.AddControllers();
var app = builder.Build();
// Configure middleware
app.UseAuthentication();
app.UseAuthorization();
// Add validation endpoint
app.UseValidateLoginEndpoint(Oc6AuthSchemeFlag.ApiKey | Oc6AuthSchemeFlag.Oc6Auth);
app.MapControllers();
app.Run();
2. Protect Endpoints
[ApiController]
[Route("api/[controller]")]
public class DataController : ControllerBase
{
// Requires API Key only
[Oc6Authorize(Oc6AuthSchemeFlag.ApiKey)]
[HttpGet("system")]
public IActionResult GetSystemData()
{
return Ok(new { data = "System data" });
}
// Requires Oc6Auth (cookie) only
[Oc6Authorize(Oc6AuthSchemeFlag.Oc6Auth)]
[HttpGet("user")]
public IActionResult GetUserData()
{
var username = User.Identity?.Name;
return Ok(new { data = $"User data for {username}" });
}
// Accepts either authentication scheme
[Oc6Authorize(Oc6AuthSchemeFlag.ApiKey | Oc6AuthSchemeFlag.Oc6Auth)]
[HttpGet("flexible")]
public IActionResult GetFlexibleData()
{
var authType = User.Identity?.AuthenticationType;
return Ok(new { data = $"Authenticated via {authType}" });
}
}
3. Configuration File
{
"ApiKey": {
"ApiKey": "your-secure-api-key-here"
},
"ConnectionStrings": {
"DefaultConnection": "Server=localhost;Database=MyApp;Trusted_Connection=True;"
}
}
No packages depend on Oc6.Auth.AspNetCore.
.NET 10.0
- Microsoft.AspNetCore.DataProtection.EntityFrameworkCore (>= 10.0.2)
- Microsoft.AspNetCore.Identity.EntityFrameworkCore (>= 10.0.2)
- Microsoft.EntityFrameworkCore.SqlServer (>= 10.0.2)