TwoRivers.Security
1.1.6
There is a newer prerelease version of this package available.
See the version list below for details.
See the version list below for details.
dotnet add package TwoRivers.Security --version 1.1.6
NuGet\Install-Package TwoRivers.Security -Version 1.1.6
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="TwoRivers.Security" Version="1.1.6" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="TwoRivers.Security" Version="1.1.6" />
<PackageReference Include="TwoRivers.Security" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add TwoRivers.Security --version 1.1.6
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: TwoRivers.Security, 1.1.6"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#:package TwoRivers.Security@1.1.6
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.
#addin nuget:?package=TwoRivers.Security&version=1.1.6
#tool nuget:?package=TwoRivers.Security&version=1.1.6
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
TwoRivers.Security
The TwoRivers.Security library provides extension methods for working with claims-based authentication in .NET applications. It simplifies extracting and working with user claims from ClaimsPrincipal and Claim collections.
Installation
You can install the TwoRivers.Security package via NuGet Package Manager:
Install-Package TwoRivers.Security
Or via the .NET CLI:
dotnet add package TwoRivers.Security
Features
ClaimsPrincipalExtensions
Extension methods for ClaimsPrincipal that provide convenient access to common user information:
- FullName: Combines GivenName and FamilyName claims
- Email: Retrieves the email address claim
- EmailAddress: Returns a strongly-typed
EmailAddressvalue object - ZoneInfo: Retrieves timezone information (defaults to
TwoRiversDefaults.TimeZone)
ClaimExtensions
Extension methods for working with IEnumerable<Claim> collections:
- FirstOrDefaultString: Extracts a claim value as a String with optional default
- FirstOrDefaultInt32: Extracts a claim value as an Int32 with optional default
- FirstOrDefaultGuid: Extracts a claim value as a Guid with optional default
- FirstOrDefault: Finds a claim by type (case-insensitive)
TwoRiversClaims
Standard claim type constants for the TwoRivers framework:
- ZoneInfo:
"tr_timezone"- User's timezone identifier - GivenName:
"tr_given_name"- User's first name - FamilyName:
"tr_family_name"- User's last name - EmailAddress:
"tr_email_address"- User's email address
Usage
Extracting User Information from ClaimsPrincipal
using TwoRivers.Security;
public class UserProfileService
{
public UserProfile GetProfile(ClaimsPrincipal user)
{
return new UserProfile
{
FullName = user.FullName(),
Email = user.Email(),
EmailAddress = user.EmailAddress(),
TimeZone = user.ZoneInfo()
};
}
}
Working with Claims Collections
using TwoRivers.Security;
public class ClaimsService
{
public void ProcessClaims(IEnumerable<Claim> claims)
{
// Extract string values
var givenName = claims.FirstOrDefaultString(TwoRiversClaims.GivenName, "Unknown");
// Extract typed values
var userId = claims.FirstOrDefaultGuid("user_id");
var age = claims.FirstOrDefaultInt32("age", 0);
// Get full name from claims
var fullName = claims.FullName();
// Get timezone or default
var timezone = claims.ZoneInfo(); // Returns TwoRiversDefaults.TimeZone if not found
}
}
Adding Claims to Identity
using System.Security.Claims;
using TwoRivers.Security;
public class AuthenticationService
{
public ClaimsPrincipal CreatePrincipal(User user)
{
var claims = new List<Claim>
{
new Claim(TwoRiversClaims.GivenName, user.FirstName),
new Claim(TwoRiversClaims.FamilyName, user.LastName),
new Claim(TwoRiversClaims.EmailAddress, user.Email),
new Claim(TwoRiversClaims.ZoneInfo, user.TimeZone ?? "America/New_York"),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
};
var identity = new ClaimsIdentity(claims, "TwoRivers");
return new ClaimsPrincipal(identity);
}
}
ASP.NET Core Integration
using Microsoft.AspNetCore.Mvc;
using TwoRivers.Security;
[ApiController]
[Route("api/[controller]")]
public class ProfileController : ControllerBase
{
[HttpGet("me")]
public IActionResult GetCurrentUser()
{
return Ok(new
{
FullName = User.FullName(),
Email = User.Email(),
TimeZone = User.ZoneInfo()
});
}
}
Best Practices
Use Strongly-Typed Constants
Always use TwoRiversClaims constants instead of magic strings:
// Good
var email = claims.FirstOrDefaultString(TwoRiversClaims.EmailAddress);
// Avoid
var email = claims.FirstOrDefaultString("tr_email_address");
Provide Sensible Defaults
Use the default parameter to handle missing claims gracefully:
// Provide default for optional claims
var timezone = claims.FirstOrDefaultString(TwoRiversClaims.ZoneInfo, "UTC");
// For required claims, validate separately
var userId = claims.FirstOrDefaultGuid("user_id");
if (userId == Guid.Empty)
{
throw new UnauthorizedAccessException("User ID claim is required");
}
Use EmailAddress Value Object
Prefer the EmailAddress value object over raw strings:
// Good - strongly typed
var emailAddress = user.EmailAddress();
await emailSender.SendAsync(emailAddress, "Welcome!");
// Less ideal - stringly typed
var email = user.Email();
await emailSender.SendAsync(new EmailAddress("", email), "Welcome!");
License
This project is licensed under the MIT License. See the LICENSE file for details.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 is compatible. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 is compatible. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net10.0
- TwoRivers.Core (>= 1.1.6)
-
net8.0
- TwoRivers.Core (>= 1.1.6)
-
net9.0
- TwoRivers.Core (>= 1.1.6)
NuGet packages (1)
Showing the top 1 NuGet packages that depend on TwoRivers.Security:
| Package | Downloads |
|---|---|
|
TwoRivers.Emailing
Framework and tools for implementing applications by following best practices in a developer friendly way. Built from commit 59db18f48398b711c50e16d5da7aacc2e0e6f014 https://github.com/TwoRiversIT/AppFramework/commit/59db18f48398b711c50e16d5da7aacc2e0e6f014 |
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last Updated |
|---|---|---|
| 2.0.0-beta.8 | 67 | 3/5/2026 |
| 2.0.0-beta.7 | 65 | 3/5/2026 |
| 2.0.0-beta.6 | 55 | 3/5/2026 |
| 2.0.0-beta.5 | 59 | 3/4/2026 |
| 2.0.0-beta.4 | 59 | 3/4/2026 |
| 2.0.0-beta.3 | 61 | 3/3/2026 |
| 2.0.0-beta.2 | 61 | 3/3/2026 |
| 2.0.0-beta.1 | 60 | 3/3/2026 |
| 2.0.0-beta.0 | 62 | 3/3/2026 |
| 1.1.6 | 123 | 2/26/2026 |
| 1.1.5 | 103 | 2/25/2026 |
| 1.1.4 | 124 | 2/22/2026 |
| 1.1.3 | 116 | 2/22/2026 |
| 1.1.2 | 124 | 2/22/2026 |
| 1.1.1 | 120 | 2/22/2026 |
| 1.1.0 | 122 | 2/22/2026 |
| 1.0.0 | 154 | 2/17/2026 |
Loading failed