Aspire.Keycloak.Authentication
9.0.0-preview.5.24551.3
Prefix Reserved
dotnet add package Aspire.Keycloak.Authentication --version 9.0.0-preview.5.24551.3
NuGet\Install-Package Aspire.Keycloak.Authentication -Version 9.0.0-preview.5.24551.3
<PackageReference Include="Aspire.Keycloak.Authentication" Version="9.0.0-preview.5.24551.3" />
paket add Aspire.Keycloak.Authentication --version 9.0.0-preview.5.24551.3
#r "nuget: Aspire.Keycloak.Authentication, 9.0.0-preview.5.24551.3"
// Install Aspire.Keycloak.Authentication as a Cake Addin #addin nuget:?package=Aspire.Keycloak.Authentication&version=9.0.0-preview.5.24551.3&prerelease // Install Aspire.Keycloak.Authentication as a Cake Tool #tool nuget:?package=Aspire.Keycloak.Authentication&version=9.0.0-preview.5.24551.3&prerelease
Aspire.Keycloak.Authentication library
Adds JwtBearer and OpenId Connect authentication to the project via a Keycloak.
Getting started
Prerequisites
- A Keycloak server instance
- A Keycloak realm
- For JwtBearer authentication, a configured audience in the Keycloak realm
- For OpenId Connect authentication, the ID of a client configured in the Keycloak realm
Install the package
Install the .NET Aspire Keycloak library with NuGet:
dotnet add package Aspire.Keycloak.Authentication
Jwt bearer authentication usage example
In the Program.cs file of your ASP.NET Core API project, call the AddKeycloakJwtBearer
extension method to add JwtBearer authentication, using a connection name, realm and any required JWT Bearer options:
builder.Services.AddAuthentication()
.AddKeycloakJwtBearer("keycloak", realm: "WeatherShop", options =>
{
options.Audience = "weather.api";
});
You can set many other options via the Action<JwtBearerOptions> configureOptions
delegate.
OpenId Connect authentication usage example
In the Program.cs file of your Blazor project, call the AddKeycloakOpenIdConnect
extension method to add OpenId Connect authentication, using a connection name, realm and any required OpenId Connect options:
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddKeycloakOpenIdConnect(
"keycloak",
realm: "WeatherShop",
options =>
{
options.ClientId = "WeatherWeb";
options.ResponseType = OpenIdConnectResponseType.Code;
options.Scope.Add("weather:all");
});
You can set many other options via the Action<OpenIdConnectOptions>? configureOptions
delegate.
AppHost extensions
In your AppHost project, install the Aspire.Hosting.Keycloak
library with NuGet:
dotnet add package Aspire.Hosting.Keycloak
Then, in the Program.cs file of AppHost
, register a Keycloak server and consume the connection using the following methods:
var keycloak = builder.AddKeycloak("keycloak", 8080);
var apiService = builder.AddProject<Projects.Keycloak_ApiService>("apiservice")
.WithReference(keycloak);
builder.AddProject<Projects.Keycloak_Web>("webfrontend")
.WithExternalHttpEndpoints()
.WithReference(keycloak)
.WithReference(apiService);
Recommendation: For local development use a stable port for the Keycloak resource (8080 in the example above). It can be any port, but it should be stable to avoid issues with browser cookies that will persist OIDC tokens (which include the authority URL, with port) beyond the lifetime of the AppHost.
The WithReference
method configures a connection in the Keycloak.ApiService
and Keycloak.Web
projects named keycloak
.
In the Program.cs file of Keycloak.ApiService
, the Keycloak connection can be consumed using:
builder.Services.AddAuthentication()
.AddKeycloakJwtBearer("keycloak", realm: "WeatherShop");
And in the Program.cs file of Keycloak.Web
, the Keycloak connection can be consumed using:
var oidcScheme = OpenIdConnectDefaults.AuthenticationScheme;
builder.Services.AddAuthentication(oidcScheme)
.AddKeycloakOpenIdConnect(
"keycloak",
realm: "WeatherShop",
oidcScheme);
Additional documentation
- https://www.keycloak.org/getting-started/getting-started-docker
- https://github.com/dotnet/aspire/tree/main/src/Components/README.md
Feedback & contributing
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. |
-
net8.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 8.0.11)
- Microsoft.AspNetCore.Authentication.OpenIdConnect (>= 8.0.11)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last updated |
---|---|---|
9.0.0-preview.5.24551.3 | 2,805 | 11/12/2024 |
9.0.0-preview.4.24511.1 | 828 | 10/15/2024 |
8.2.2-preview.1.24521.5 | 372 | 10/24/2024 |
8.2.1-preview.1.24473.4 | 646 | 9/26/2024 |
8.2.0-preview.1.24428.5 | 1,591 | 8/29/2024 |
8.1.0-preview.1.24373.2 | 493 | 7/23/2024 |