Formula.SimpleResourceServer 1.8.0

dotnet add package Formula.SimpleResourceServer --version 1.8.0                
NuGet\Install-Package Formula.SimpleResourceServer -Version 1.8.0                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Formula.SimpleResourceServer" Version="1.8.0" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Formula.SimpleResourceServer --version 1.8.0                
#r "nuget: Formula.SimpleResourceServer, 1.8.0"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Formula.SimpleResourceServer as a Cake Addin
#addin nuget:?package=Formula.SimpleResourceServer&version=1.8.0

// Install Formula.SimpleResourceServer as a Cake Tool
#tool nuget:?package=Formula.SimpleResourceServer&version=1.8.0                

Formula.SimpleResourceServer

A simple OAuth2 / OpenID Connect Resource Server wrapper for Identity Server.

By default, Simple Resource Server validates authentication against an authority using JWT ( see here for more on jwt ) passed using using a Bearer token in the Authorization header of the request made from the client.

Adding Resource Server

To enable a project to serve as a resource server against an authority you will need to prepare configuration and inject it correctly in Startup.cs.

Add the following using;

using Formula.SimpleResourceServer;

Startup.cs - ConfigureServices

Some extension methods have been provided for you register your configuration. Within the ConfigureServices function of Startup.cs you can call services.AddSimpleResourceServer providing it with an implementation of ISimpleResourceServerConfig.

This can be done by creating your own class that implements the ISimpleResourceServerConfig contract, manually, however a more common way to provide configuration is via a JSON configuration file within the project using the ResourceServerConfigLoader.

(See ResourceServerConfigDefinition for configuration options)

services.AddSimpleResourceServer(ResourceServerConfigLoader.Get("resourceServerConfig.json"));

You may also provide some defaults using a delegate.

services.AddSimpleResourceServer(ResourceServerConfigLoader.Get("resourceServerConfig.json", () =>
{
    var def = new ResourceServerConfigDefinition();
    def.Authority = "http://localhost:5000";
    def.RequireHttpsMetadata = false;
    def.Audience = "my-api";
    return def;
}));

(See ConfigLoader in Formula.SimpleCore for details on how this functionality may be leverage for other task)

If you handle other additional authentication mechanisms, you may pass your AuthenticationBuilder as a second parameter to this function, otherwise it is assumed that no other calls to AddAuthentication have been configured.

Startup.cs - Configure

In the configure section of your app, you may call;

app.UseSimpleResourceServer();

This should be done before other calls to UseAuthorization.

Obtaining Authorization / Identity Details

A service is provided, allowing you to extract certain claims about the user making the request. This class IdentityDetails can provide the user id, and other details (providing you have configured your authorization server to provide these claims). This was designed with Open ID Connect / OAuth 2 and was tested using IdentityServer 4. Obtaining the user id available without any additional configuration, however some properties require additional claims be set up.

You can retrieve the identity details as follows.

var details = new Formula.SimpleResourceServer.IdentityDetails(httpContextAccessor);
var userId = details.UserId;

// The following properties require additional configuration on the authorization server
var email = details.Email;
var roles = details.Roles;

var isAdmin = details.HasRole("Administrator");

Additional Configuration for Roles

In order to use "Role Based Authorization", the "scope" for your resource, needs to include additional claims. At a minimum role, however it is suggested to enable the following useful claims (role, email, name).

This configuration will be mentioned from the perspective of IdentityServer 4. For your resource (see ApiResources table), you need to set up API Claims for; role, email and name (see the ApiClaims table).

References used for this were;

Packages / Projects Used

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.8.0 8,907 3/28/2024
1.6.0 32,520 8/22/2022
1.0.3 2,598 8/4/2022
1.0.2 21,302 5/24/2020
1.0.1 814 4/3/2020
1.0.0 912 2/22/2020