BasicHeaderAuthentication.AspNetCore 1.0.1

dotnet add package BasicHeaderAuthentication.AspNetCore --version 1.0.1                
NuGet\Install-Package BasicHeaderAuthentication.AspNetCore -Version 1.0.1                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="BasicHeaderAuthentication.AspNetCore" Version="1.0.1" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add BasicHeaderAuthentication.AspNetCore --version 1.0.1                
#r "nuget: BasicHeaderAuthentication.AspNetCore, 1.0.1"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install BasicHeaderAuthentication.AspNetCore as a Cake Addin
#addin nuget:?package=BasicHeaderAuthentication.AspNetCore&version=1.0.1

// Install BasicHeaderAuthentication.AspNetCore as a Cake Tool
#tool nuget:?package=BasicHeaderAuthentication.AspNetCore&version=1.0.1                

Basic Header Authentication

License: MIT nuget

This package is designed to provide basic header authentication to .NET core 2.x / 3x. This is intended for usage with API's where a single header can be used as a "key" that has been provided to a consumer.

Warning: This header is transmitted in plain-text. This means it's subject to man in the middle attacks. If you are securing important information such as medical data, credit cards, or personal information. You should consider a more secure method for authentication. If you can't. Please look into adding a method of forward secrecy to your authenticator code in your application.

IBasicHeaderAuthenticator

It's your applications responsibility to check if a value supplied in the authentication header is valid. This is done by creating a class that inherits IBasicHeaderAuthenticator and registering it at startup as shown below. You return null if validation fails which will terminate the request as Unauthorized. You return a ClaimsPrincipal class if validation passes. If you return an empty ClaimsPrincipal as shown below. It will be auto populated with a Name claim containing the header value as User.Identity.Name.

Note: This example only checks if a value supplied in the request exists, and is not null, or empty. You should use this method to check if the value exists in a database, or dictionary / list etc..

public class BasicHeaderAuthenticator : IBasicHeaderAuthenticator
{
    public async Task<ClaimsPrincipal> SignIn(string value)
    {
        return string.IsNullOrEmpty(value) ? null : new ClaimsPrincipal();
    }
}

Note: Make sure this line is before AddAuthentication, and AddBasicHeaderAuthentication

services.AddTransient<IBasicHeaderAuthenticator, BasicHeaderAuthenticator>();

Configuration

services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = BasicHeaderAuthenticationOptions.DefaultScheme;
    options.DefaultChallengeScheme = BasicHeaderAuthenticationOptions.DefaultScheme;
}).AddBasicHeaderAuthentication(options =>
{
    options.HeaderKey = "X-AuthKey"; // You can use any header key you wish.
});

Authorization

You can use the [Authorize(AuthenticationSchemes = BasicHeaderAuthenticationOptions.DefaultScheme)] attribute out of the box. However, If you wish to use the [Authorize] attribute without having to supply an authenticator scheme each time. You can add the following code after AddBasicHeaderAuthentication.

services.AddAuthorization(options =>
{
    options.DefaultPolicy = new AuthorizationPolicyBuilder(BasicHeaderAuthenticationOptions.DefaultScheme)
    .RequireAuthenticatedUser()
    .Build();
});
Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp3.1 is compatible. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.0.1 583 5/13/2020
1.0.0 500 4/30/2020