Fhi.ClientCredentialsKeypairs 3.0.0-beta2

.NET 8.0 This package targets .NET 8.0. The package is compatible with this framework or higher.
This is a prerelease version of Fhi.ClientCredentialsKeypairs.
The owner has unlisted this package. This could mean that the package is deprecated, has security vulnerabilities or shouldn't be used anymore. 
dotnet add package Fhi.ClientCredentialsKeypairs --version 3.0.0-beta2
                    


                    

                
NuGet\Install-Package Fhi.ClientCredentialsKeypairs -Version 3.0.0-beta2
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Fhi.ClientCredentialsKeypairs" Version="3.0.0-beta2" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Fhi.ClientCredentialsKeypairs" Version="3.0.0-beta2" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Fhi.ClientCredentialsKeypairs" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Fhi.ClientCredentialsKeypairs --version 3.0.0-beta2
                    


                    

                
#r "nuget: Fhi.ClientCredentialsKeypairs, 3.0.0-beta2"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Fhi.ClientCredentialsKeypairs@3.0.0-beta2
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Fhi.ClientCredentialsKeypairs&version=3.0.0-beta2&prerelease
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Fhi.ClientCredentialsKeypairs&version=3.0.0-beta2&prerelease
                    


                            Install as a Cake Tool

Whats new in 2.0

Breaking changes

If you use HttpClientFactory, use AddDefaultAuthHandler() instead of adding a HttpAuthHandler. Refactor this:

services.AddHttpClient(api.Name, c =>
{
    c.BaseAddress = clientCredentialsConfiguration.UriToApiByName(api.Name);
})
.AddHttpMessageHandler<HttpAuthHandler>();

to this:


var apiConfiguration = clientCredentialsConfiguration.GetApi(api.Name);
services.AddHttpClient(api.Name, c =>
{
    c.BaseAddress = new Uri(apiConfiguration.Url);
})
.AddDefaultAuthHandler(apiConfiguration);

New features

Scopes and DPoP-configuration can now be set per API:

"ClientCredentialsConfiguration": {
  "Apis": [
    {
      "Name": "IGrunndataClient",
      "Url": "https://localhost:5001",
      "Scope": "fhi:grunndata.personoppslagapi/sysvak", // <-- new! (you might have had this here before, but it was never used)
      "UseDpop": true // <-- new! (this is false by default)
    }
  ],

If no scope is set per API, it will default back to the scopes list set in ClientCredentialsConfiguration. Make sure your API calls get the correct scopes after upgrading.

Client Credentials Usage

Configuration file section

  1. Add the following configuration section to your appsettings.json files, and populate it appropriately.
  "ClientCredentialsConfiguration": {
    "clientName": "",
    "authority": "",
    "clientId": "",
    "grantTypes": [ "client_credentials" ],
    "scopes": [ ],
    "secretType": "private_key_jwt:RsaPrivateKeyJwtSecret",
    "rsaPrivateKey": "",
    "rsaKeySizeBits": 4096,
    "privateJwk": "",
    "Apis": [
      {
        "Name": "", // Tip:  Use nameof(YourService)
        "Url": "",
        "Scope": ""
      }
    ],
    "refreshTokenAfterMinutes":  8  // Set approx 20% less than lifetime of access token
  }

PS: Please be aware that the Authority must end with connect/token.

Client Credentials using Keypairs

  1. Add package 'Fhi.ClientCredentialsKeypairs' to your project

  2. In your Program.cs file, or if older Startup.cs, add the following code section (for the outgoing interfaces):

    var clientCredentialsConfiguration = services.AddClientCredentialsKeypairs(Configuration);
    var apiConfiguration = clientCredentialsConfiguration.GetApi(nameof(YourService));
    services.AddHttpClient(nameof(YourService), c =>
    {
       c.Timeout = new TimeSpan(0, 0, 0, 10);
       c.BaseAddress = new Uri(apiConfiguration.Url);
    })
    .AddDefaultAuthHandler(apiConfiguration)
    .AddTypedClient(c => RestService.For<IExternalApi>(c, new RefitSettings
    {
       ContentSerializer = new SystemTextJsonContentSerializer(services.DefaultJsonSerializationOptions())
    }));

replacing YourService with the service you have done for accessing the external api, and replace IExternalApi with the Refit interface for whatever external api you want to access.

For usages of Refit that uses an interface (in this example IMyService is the interface that Refit will implement), the code would look something like this:

services
    .AddRefitClient<IMyService>()
    .ConfigureHttpClient(c =>
    {
        c.BaseAddress = new Uri(apiConfiguration.Url);
    })
    .AddDefaultAuthHandler(apiConfiguration);

The Configuration property is the injected IConfiguration property from the Startup.cs file.

If you don't use Refit, you can just skip the last part, and get the named client from the injected HttpFactory in your service. It will still have the authenticationhandler, so you don't need to do anything more there to get the bearer token. It will be added automatically.

Client Credentials using Client Secrets

If you want to disable the authorization for some reason, you can add another property named Enable to the ClientCredentialsConfiguration, it is default true.

  1. Add package Fhi.ClientCredentialsUsingSecrets to your project
  2. In your Program.cs file, create an instance of the ClientCredentialsSetup class using an IConfiguration parameter.
  3. Using the created instance call the method ConfigureServices.

Calling endpoints that does not required authentication

In some cases we might wish to call an API before we are authenticated (health endpoints, kodeverk, etc..).

To make the HttpAuthHandler not add authentication headers to a single request you can add an Option to the request with the key name "Anonymous":

var request = new HttpRequestMessage();
request.Options.TryAdd("Anonymous", "");

or in Refit:

[Get("/info")]
Task<string> GetInfo([Property("Anonymous")] string anonymous = "");
Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated