Tolitech.Infrastructure.Authorization
1.0.0-preview.6
dotnet add package Tolitech.Infrastructure.Authorization --version 1.0.0-preview.6
NuGet\Install-Package Tolitech.Infrastructure.Authorization -Version 1.0.0-preview.6
<PackageReference Include="Tolitech.Infrastructure.Authorization" Version="1.0.0-preview.6" />
<PackageVersion Include="Tolitech.Infrastructure.Authorization" Version="1.0.0-preview.6" />
<PackageReference Include="Tolitech.Infrastructure.Authorization" />
paket add Tolitech.Infrastructure.Authorization --version 1.0.0-preview.6
#r "nuget: Tolitech.Infrastructure.Authorization, 1.0.0-preview.6"
#:package Tolitech.Infrastructure.Authorization@1.0.0-preview.6
#addin nuget:?package=Tolitech.Infrastructure.Authorization&version=1.0.0-preview.6&prerelease
#tool nuget:?package=Tolitech.Infrastructure.Authorization&version=1.0.0-preview.6&prerelease
Tolitech.Infrastructure.Authorization
A robust .NET library for managing authorization logic, providing essential tools for permission handling, attribute-based authorization, and policy configuration. Designed for modern, scalable applications requiring flexible and secure access control.
Features
- Permission Management: Centralized handling of user and role-based permissions.
- Attribute-Based Authorization: Use of custom attributes to secure controllers, actions, or methods.
- Policy Configuration: Easily define and register authorization policies.
- Integration with ASP.NET Core: Seamless integration with the ASP.NET Core authorization pipeline.
- Custom Authorization Handlers: Support for custom logic and requirements.
- Extensible: Easily extend or override default behaviors to fit your application's needs.
Installation
Add the NuGet package to your project:
dotnet add package Tolitech.Infrastructure.Authorization
Getting Started
1. Register Authorization Services
In your Startup.cs
or Program.cs
:
using Tolitech.Infrastructure.Authorization;
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthorization(options =>
{
// Register custom policies
options.AddPolicy("AdminOnly", policy => policy.RequireRole("Admin"));
});
2. Use Attribute-Based Authorization
Apply attributes to controllers or actions:
using Microsoft.AspNetCore.Authorization;
[Authorize(Policy = "AdminOnly")]
public class AdminController : Controller
{
// ...
}
3. Check Permissions in Code
You can check permissions programmatically:
using Microsoft.AspNetCore.Authorization;
public class MyService
{
private readonly IAuthorizationService _authorizationService;
public MyService(IAuthorizationService authorizationService)
{
_authorizationService = authorizationService;
}
public async Task<bool> CanEditAsync(User user, Resource resource)
{
var result = await _authorizationService.AuthorizeAsync(user, resource, "EditPolicy");
return result.Succeeded;
}
}
Advanced Usage
- Custom Authorization Handlers: Implement
AuthorizationHandler<TRequirement>
for advanced scenarios. - Dynamic Policies: Generate policies at runtime based on application logic.
- Claims-Based Authorization: Use claims to control access at a granular level.
Example: Custom Requirement and Handler
public class MinimumAgeRequirement : IAuthorizationRequirement
{
public int MinimumAge { get; }
public MinimumAgeRequirement(int minimumAge) => MinimumAge = minimumAge;
}
public class MinimumAgeHandler : AuthorizationHandler<MinimumAgeRequirement>
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, MinimumAgeRequirement requirement)
{
if (context.User.HasClaim(c => c.Type == "Age" && int.Parse(c.Value) >= requirement.MinimumAge))
{
context.Succeed(requirement);
}
return Task.CompletedTask;
}
}
Register the handler in your DI container:
services.AddSingleton<IAuthorizationHandler, MinimumAgeHandler>();
Add the policy:
options.AddPolicy("AtLeast18", policy => policy.Requirements.Add(new MinimumAgeRequirement(18)));
Apply the policy:
[Authorize(Policy = "AtLeast18")]
public IActionResult AdultContent() => View();
Error Handling
Authorization failures are handled by ASP.NET Core's middleware. You can customize the response by configuring the AuthorizationMiddleware
or handling the OnForbidden
event.
Tolitech.Infrastructure.Authorization brings flexible, secure, and extensible authorization to your .NET applications.
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net9.0 is compatible. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net9.0
- Microsoft.AspNetCore.Authentication.JwtBearer (>= 9.0.6)
- Tolitech.Application.Authorization (>= 1.0.0-preview.4)
- Tolitech.Infrastructure (>= 1.0.0-preview.4)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last Updated |
---|---|---|
1.0.0-preview.6 | 482 | 7/22/2025 |
1.0.0-preview.5 | 120 | 7/3/2025 |
1.0.0-preview.4 | 121 | 7/3/2025 |
1.0.0-preview.3 | 157 | 4/24/2025 |
1.0.0-preview.2 | 140 | 3/17/2025 |
1.0.0-preview.1 | 75 | 12/12/2024 |