Summary
Add proper authentication with ASP.NET Core Identity and OIDC/OAuth2 support while maintaining backward compatibility with API key authentication.
Current State
- Simple API key authentication only (
X-NuGet-ApiKey header)
- Single global API key from configuration
- No user accounts or roles
Target State
- ASP.NET Core Identity for user management
- OIDC/OAuth2 for SSO integration
- Per-user API keys stored in database
- Backward compatible with existing API key auth
New Packages
Microsoft.AspNetCore.Identity.EntityFrameworkCore 9.0.0
Microsoft.AspNetCore.Authentication.OpenIdConnect 9.0.0
Tasks
New Entities
public class BaGetUser : IdentityUser
{
public ICollection<UserApiKey> ApiKeys { get; set; }
}
public class UserApiKey
{
public int Id { get; set; }
public string Key { get; set; }
public string Description { get; set; }
public DateTime Created { get; set; }
public DateTime? Expires { get; set; }
public string UserId { get; set; }
public BaGetUser User { get; set; }
}
Configuration
{
"Authentication": {
"Type": "None",
"ApiKey": "",
"OIDC": {
"Authority": "",
"ClientId": "",
"ClientSecret": ""
}
}
}
Files to Modify
src/BaGet.Core/BaGet.Core.csproj
src/BaGet/BaGet.csproj
src/BaGet.Core/Entities/AbstractContext.cs
src/BaGet/Startup.cs
src/BaGet/appsettings.json
src/BaGet.Core/Authentication/ (new files)
src/BaGet.Web/Pages/Account/ (new pages)
Dependencies
- Depends on .NET 9 upgrade
- Depends on PostgreSQL migration
Summary
Add proper authentication with ASP.NET Core Identity and OIDC/OAuth2 support while maintaining backward compatibility with API key authentication.
Current State
X-NuGet-ApiKeyheader)Target State
New Packages
Microsoft.AspNetCore.Identity.EntityFrameworkCore9.0.0Microsoft.AspNetCore.Authentication.OpenIdConnect9.0.0Tasks
BaGet.Core.csprojandBaGet.csprojBaGetUserentity (extends IdentityUser)UserApiKeyentity for per-user API keysAbstractContextto inherit fromIdentityDbContext<BaGetUser>Startup.csCompositeAuthenticationService(supports multiple auth methods)New Entities
Configuration
{ "Authentication": { "Type": "None", "ApiKey": "", "OIDC": { "Authority": "", "ClientId": "", "ClientSecret": "" } } }Files to Modify
src/BaGet.Core/BaGet.Core.csprojsrc/BaGet/BaGet.csprojsrc/BaGet.Core/Entities/AbstractContext.cssrc/BaGet/Startup.cssrc/BaGet/appsettings.jsonsrc/BaGet.Core/Authentication/(new files)src/BaGet.Web/Pages/Account/(new pages)Dependencies