The Permguard DotNet Core SDK provides a simple and flexible client to perform authorization checks against a Permguard Policy Decision Point (PDP) service using gRPC. Plase refer to the Permguard Documentation for more information.
- Net Core 8
dotnet add package PermguardBelow is a sample Go code demonstrating how to create a Permguard client, build an authorization request using a builder pattern, and process the authorization response:
using Permguard;
using Permguard.AzReq;
try
{
// Create a new Permguard client
var client = new AzClient(new AzConfig().WithEndpoint(new AzEndpoint("http", 9094, "localhost")));
// Create the Principal
var principal = new PrincipalBuilder("amy.smith@acmecorp.com")
.WithSource("keycloak")
.WithKind("user")
.Build();
// Create the entities
var entities = new List<Dictionary<string, object>?>
{
new()
{
{ "uid", new Dictionary<string,object>
{
{ "type", "MagicFarmacia::Platform::BranchInfo" },
{ "id", "subscription" }
}
},
{ "attrs", new Dictionary<string, object> { { "active", true } } },
{ "parents", new List<object>() }
}
};
// Create a new authorization request
var request = new AzAtomicRequestBuilder(285374414806,
"f81aec177f8a44a48b7ceee45e05507f",
"platform-creator",
"MagicFarmacia::Platform::Subscription",
"MagicFarmacia::Platform::Action::create")
// RequestID
.WithRequestId("31243")
// Principal
.WithPrincipal(principal)
// Entities
.WithEntitiesMap("cedar", entities)
// Subject
.WithSubjectKind("role-actor")
.WithSubjectSource("keycloak")
.WithSubjectProperty("isSuperUser", true)
// Resource
.WithResourceId("e3a786fd07e24bfa95ba4341d3695ae8")
.WithResourceProperty("isEnabled", true)
// Action
.WithActionProperty("isEnabled", true)
// Context
.WithContextProperty("isSubscriptionActive", true)
.WithContextProperty("time", "2025-01-23T16:17:46+00:00")
.Build();
// Check the authorization
var response = client.CheckAuth(request);
if (response == null)
{
Console.WriteLine("β Failed to check auth.");
throw new Exception("Failed to check auth response");
}
if (response.Decision) {
Console.WriteLine("β
Authorization Permitted");
}
else
{
Console.WriteLine("β Authorization Denied");
if (response.Context != null) {
if (response.Context?.ReasonAdmin != null)
{
Console.WriteLine($"-> Reason Admin: {response.Context?.ReasonAdmin?.Message}");
}
if (response.Context?.ReasonUser != null)
{
Console.WriteLine($"-> Reason User: {response.Context?.ReasonUser?.Message}");
}
}
foreach (var eval in response.Evaluations)
{
if (eval.Decision)
{
Console.WriteLine("-> β
Authorization Permitted");
}
if (eval.Context != null) {
if (eval.Context?.ReasonAdmin != null)
{
Console.WriteLine($"-> Reason Admin: {eval.Context?.ReasonAdmin?.Message}");
}
if (eval.Context?.ReasonUser != null)
{
Console.WriteLine($"-> Reason User: {eval.Context?.ReasonUser?.Message}");
}
}
}
}
}
catch (Exception e)
{
Console.WriteLine("β Failed to check auth.");
throw;
}Our SDK follows a versioning scheme aligned with the PermGuard server versions to ensure seamless integration. The versioning format is as follows:
SDK Versioning Format: x.y.z
- x.y: Indicates the compatible PermGuard server version.
- z: Represents the SDK's patch or minor updates specific to that server version.
Compatibility Examples:
SDK Version 1.3.0is compatible withPermGuard Server 1.3.SDK Version 1.3.1includes minor improvements or bug fixes forPermGuard Server 1.3.
Incompatibility Example:
SDK Version 1.3.0may not be guaranteed to be compatible withPermGuard Server 1.4due to potential changes introduced in server version1.4.
Important: Ensure that the major and minor versions (x.y) of the SDK match those of your PermGuard server to maintain compatibility.
Created by Nitro Agility.