Pitka edited this page Feb 17, 2023 · 9 revisions

Check out the demo!

Quick-start guide

PermissionServer is a library that provides authorization attributes exactly like vanilla ASP.NET, but with support for remote authorization and fine-grained permissions, so that authorization information does not have to be stored in a JWT.

What PermissionServer does

  • Adds local and/or remote authorization to the application with attributes for controllers and controller actions. These can be type-safe if desired.
  • Manages developer-designed permissions, including synchronizing them to a database during migrations if desired.
  • Is designed for use with either a multi-tenant system or a single-tenant one, with a different package for each.
  • Supports any variation of clients and servers (one-one, many-many, many-one).

What PermissionServer doesn't do

  • Add multi-tenancy itself; you must build your own system for this.
  • Provide a default way to evaluate authorization. You must implement the interface yourself. For a full working example, see the demo, which includes custom tenant roles and multi-tenancy. I am mulling over adding this, but this will take time and may not be added, as the amount of generics may be too much.

Constraints

PermissionServer, like any form of authorization library, is opinionated. It may not be what is best for your project. It may be close, but you may need to expand upon it.

  • You must use the suggested method of defining permissions and permission categories. You must use enums, and not some form of ASP.NET claims.
  • You must make authorization decisions solely based on a user id, a tenant id (unless you're using the single-tenant package), and an optional list of permissions.
  • PermissionServer uses gRPC calls for authorization. This means you must add support for HTTP/2 and handle any necessary CORS policy setup between authority and server.
  • You must use C# version >= 11.0, because generic attributes are required.
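
The decision model in the constraints above (enum permissions, evaluated from a user id, a tenant id and an optional permission list), sketched as an added example that is not PermissionServer's own code. The interface, class and enum names are hypothetical, the grant data is constructed, and treating a missing permission list as a tenant-membership check is an assumption.

```csharp
// Added illustration: all type and member names are hypothetical, not PermissionServer's API.
using System;
using System.Collections.Generic;
using System.Linq;

// Permissions are an enum, per the first constraint (no ASP.NET claims).
public enum InvoicePermission { Read, Approve }

// Hypothetical evaluator contract: the only inputs are a user id, a tenant id
// and an optional permission list.
public interface IPermissionEvaluator<TPerm> where TPerm : struct, Enum
{
    bool IsAuthorized(string userId, string tenantId, IReadOnlyCollection<TPerm>? required = null);
}

public sealed class InMemoryEvaluator : IPermissionEvaluator<InvoicePermission>
{
    // Constructed sample data: grants are keyed by (tenant, user), so a grant
    // in one tenant never carries over to another.
    private readonly Dictionary<(string Tenant, string User), HashSet<InvoicePermission>> _grants = new()
    {
        [("tenant-a", "alice")] = new() { InvoicePermission.Read, InvoicePermission.Approve },
        [("tenant-b", "alice")] = new() { InvoicePermission.Read },
    };

    public bool IsAuthorized(string userId, string tenantId,
                             IReadOnlyCollection<InvoicePermission>? required = null)
    {
        // Deny by default: no record for this user in this tenant means no access.
        if (!_grants.TryGetValue((tenantId, userId), out var held)) return false;
        // Assumption: with no permission list, tenant membership is sufficient.
        if (required is null || required.Count == 0) return true;
        // Every requested permission must be held, not just one of them.
        return required.All(p => held.Contains(p));
    }
}

public static class Demo
{
    public static void Main()
    {
        var eval = new InMemoryEvaluator();
        var approve = new[] { InvoicePermission.Approve };
        Console.WriteLine(eval.IsAuthorized("alice", "tenant-a", approve));
        Console.WriteLine(eval.IsAuthorized("alice", "tenant-b", approve));
        Console.WriteLine(eval.IsAuthorized("alice", "tenant-b"));
        Console.WriteLine(eval.IsAuthorized("bob", "tenant-a"));
    }
}
```

Because the lookup is keyed on the tenant as well as the user, a permission granted in one tenant cannot satisfy a check made in another, and an unknown user is refused before any permission is compared.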