Black.Beard.Policy.Web
1.0.17
dotnet add package Black.Beard.Policy.Web --version 1.0.17
NuGet\Install-Package Black.Beard.Policy.Web -Version 1.0.17
<PackageReference Include="Black.Beard.Policy.Web" Version="1.0.17" />
<PackageVersion Include="Black.Beard.Policy.Web" Version="1.0.17" />
<PackageReference Include="Black.Beard.Policy.Web" />
paket add Black.Beard.Policy.Web --version 1.0.17
#r "nuget: Black.Beard.Policy.Web, 1.0.17"
#:package Black.Beard.Policy.Web@1.0.17
#addin nuget:?package=Black.Beard.Policy.Web&version=1.0.17
#tool nuget:?package=Black.Beard.Policy.Web&version=1.0.17
Policy
The Black.Beard.Policies library is designed to help developers manage and evaluate authorization policies in .NET applications. It provides a flexible syntax for defining rules based on user claims, roles, and other contextual data. With this library, you can easily create, organize, and enforce complex access control policies, making it suitable for scenarios where fine-grained security and dynamic rule evaluation are required. It also integrates with web applications and supports external identity providers like Keycloak for authentication testing.
Documentation
For detailed information on how to use the policy syntax, see the Documentation of the syntax.
Testing with keycloak
For testing you can use keycloak Documentation to install keycloak.
any samples for Create policy
Create an alias for using in the policy like claim name
alias role : ""http://schemas.microsoft.com/ws/2008/06/identity/claims/role""
Create a policy like a claim ope is required but the value is not important
policy p1 : ope+
Create a policy like a role admin is required
policy p1 : role=admin
Create a policy like a role can't be guest
policy p1 : role != guest
Create a policy like a role admin is required
policy p1 : (role = admin)
Create a policy like a role can't be guest
policy p1 : !(role == guest)
Create a policy like a role can be admin or guest
policy p1 : role in [admin, guest]
Create a policy like a role can't be admin or guest
policy p1 : role !in [admin, guest]
Create a policy like a role must not to have admin and guest
policy p1 : role !has [admin, guest]
Create a policy like a role must to have admin and guest
policy p1 : role has [admin, guest]
Create a policy like the value to evaluate is in another object with a property name equal to "property" and value equal to 1
policy p1 : source2.property = 1
Create a policy like the value to evaluate is in another object with a property name equal to "property" and value equal to 1
policy p1 : source2.property = 1
Create a policy like that check if greater than 18
policy isAdult : Identity.Age >= 18
Add category on a rule
policy p1 (web) : Identity.IsAuthenticated
How to use library
string policyPayload = @"// your rules";
var policies = Policy.Evaluate(policyPayload);
if (!policies.Diagnostics.Success)
throw new Exception("Failed to evaluate file policies");
var evaluator = new PolicyEvaluator(policies);
if (evaluator.Evaluate(policyRule.Name, c.User, out RuntimeContext context))
{
// access granted
}
If you have a web site, reference nuget package Black.Beard.Policy.Web
WebApplicationBuilder builder;
builder.AddPolicy("file path", c => true );
var app = builder.Build();
app.ConfigurePolicy()
app.Run();
sample of policy file
/* base rules */
policy isAuthenticated
: Identity.IsAuthenticated
policy isAnonymous
: !Identity.IsAuthenticated
policy IsAdmin
: role = administrator
policy IsUser
: role = user
/* default rules */
policy default
: isAuthenticated
policy fallback
: isAnonymous
/* web rules */
policy Mycontroler.get (web_root)
: isAuthenticated
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net8.0
- Black.Beard.Policies (>= 1.0.17)
- Keycloak.AuthServices.Authentication (>= 2.6.1)
- Microsoft.Extensions.Logging.Abstractions (>= 9.0.5)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.