Aspire.Keycloak.Authentication 9.0.0-preview.5.24551.3

Prefix Reserved
This is a prerelease version of Aspire.Keycloak.Authentication.
The specified version 9.1.0-preview.1.25075.1 was not found. You have been taken to version 9.0.0-preview.5.24551.3.
dotnet add package Aspire.Keycloak.Authentication --version 9.0.0-preview.5.24551.3                
NuGet\Install-Package Aspire.Keycloak.Authentication -Version 9.0.0-preview.5.24551.3                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Aspire.Keycloak.Authentication" Version="9.0.0-preview.5.24551.3" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Aspire.Keycloak.Authentication --version 9.0.0-preview.5.24551.3                
#r "nuget: Aspire.Keycloak.Authentication, 9.0.0-preview.5.24551.3"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Aspire.Keycloak.Authentication as a Cake Addin
#addin nuget:?package=Aspire.Keycloak.Authentication&version=9.0.0-preview.5.24551.3&prerelease

// Install Aspire.Keycloak.Authentication as a Cake Tool
#tool nuget:?package=Aspire.Keycloak.Authentication&version=9.0.0-preview.5.24551.3&prerelease                

Aspire.Keycloak.Authentication library

Adds JwtBearer and OpenId Connect authentication to the project via a Keycloak.

Getting started

Prerequisites

  • A Keycloak server instance
  • A Keycloak realm
  • For JwtBearer authentication, a configured audience in the Keycloak realm
  • For OpenId Connect authentication, the ID of a client configured in the Keycloak realm

Install the package

Install the .NET Aspire Keycloak library with NuGet:

dotnet add package Aspire.Keycloak.Authentication

Jwt bearer authentication usage example

In the Program.cs file of your ASP.NET Core API project, call the AddKeycloakJwtBearer extension method to add JwtBearer authentication, using a connection name, realm and any required JWT Bearer options:

builder.Services.AddAuthentication()
                .AddKeycloakJwtBearer("keycloak", realm: "WeatherShop", options =>
                {
                    options.Audience = "weather.api";
                });

You can set many other options via the Action<JwtBearerOptions> configureOptions delegate.

OpenId Connect authentication usage example

In the Program.cs file of your Blazor project, call the AddKeycloakOpenIdConnect extension method to add OpenId Connect authentication, using a connection name, realm and any required OpenId Connect options:

builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
                .AddKeycloakOpenIdConnect(
                    "keycloak", 
                    realm: "WeatherShop", 
                    options =>
                    {
                        options.ClientId = "WeatherWeb";
                        options.ResponseType = OpenIdConnectResponseType.Code;
                        options.Scope.Add("weather:all");
                    });

You can set many other options via the Action<OpenIdConnectOptions>? configureOptions delegate.

AppHost extensions

In your AppHost project, install the Aspire.Hosting.Keycloak library with NuGet:

dotnet add package Aspire.Hosting.Keycloak

Then, in the Program.cs file of AppHost, register a Keycloak server and consume the connection using the following methods:

var keycloak = builder.AddKeycloak("keycloak", 8080);

var apiService = builder.AddProject<Projects.Keycloak_ApiService>("apiservice")
                        .WithReference(keycloak);

builder.AddProject<Projects.Keycloak_Web>("webfrontend")
       .WithExternalHttpEndpoints()
       .WithReference(keycloak)
       .WithReference(apiService);

Recommendation: For local development use a stable port for the Keycloak resource (8080 in the example above). It can be any port, but it should be stable to avoid issues with browser cookies that will persist OIDC tokens (which include the authority URL, with port) beyond the lifetime of the AppHost.

The WithReference method configures a connection in the Keycloak.ApiService and Keycloak.Web projects named keycloak.

In the Program.cs file of Keycloak.ApiService, the Keycloak connection can be consumed using:

builder.Services.AddAuthentication()
                .AddKeycloakJwtBearer("keycloak", realm: "WeatherShop");

And in the Program.cs file of Keycloak.Web, the Keycloak connection can be consumed using:

var oidcScheme = OpenIdConnectDefaults.AuthenticationScheme;

builder.Services.AddAuthentication(oidcScheme)
                .AddKeycloakOpenIdConnect(
                    "keycloak", 
                    realm: "WeatherShop", 
                    oidcScheme);

Additional documentation

Feedback & contributing

https://github.com/dotnet/aspire

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
9.0.0-preview.5.24551.3 2,805 11/12/2024
9.0.0-preview.4.24511.1 828 10/15/2024
8.2.2-preview.1.24521.5 372 10/24/2024
8.2.1-preview.1.24473.4 646 9/26/2024
8.2.0-preview.1.24428.5 1,591 8/29/2024
8.1.0-preview.1.24373.2 493 7/23/2024