VOOZH about

URL: https://www.nuget.org/packages/Vorn.Aaas.Client/

⇱ NuGet Gallery | Vorn.Aaas.Client 9.1.2



Vorn.Aaas.Client 9.1.2 

dotnet add package Vorn.Aaas.Client --version 9.1.2
 
 
NuGet\Install-Package Vorn.Aaas.Client -Version 9.1.2
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Vorn.Aaas.Client" Version="9.1.2" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Vorn.Aaas.Client" Version="9.1.2" />
 


 Directory.Packages.props
 

 

 
<PackageReference Include="Vorn.Aaas.Client" />
 


 Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Vorn.Aaas.Client --version 9.1.2
The NuGet Team does not provide support for this client. Please contact its maintainers for support. 
#r "nuget: Vorn.Aaas.Client, 9.1.2"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Vorn.Aaas.Client@9.1.2
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Vorn.Aaas.Client&version=9.1.2
 


 Install as a Cake Addin
 

 

 
#tool nuget:?package=Vorn.Aaas.Client&version=9.1.2
 


 Install as a Cake Tool
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

Vorn.Aaas.Client

Client library for integrating ASP.NET Core (.NET 8) Razor Components/Blazor Server apps with Vorn AAAS (Authentication and Access-as-a-Service).

It wires up OpenID Connect cookie authentication, exposes login/logout endpoints, configures authorization with access-claim requirements, provides a strongly-typed access service for querying/updating user access, and includes reusable UI components.

Features

  • OpenID Connect cookie authentication with refresh token revocation on logout
  • Login/logout endpoints mapped under /authentication
  • Default authorization policy requiring an access claim; built-in Admin policy
  • IAccessService for reading and mutating client-specific access and roles
  • Razor Components/Blazor Server ready (adds authentication state and SignalR options)
  • Data Protection keys persisted to Keys/ and protected by a generated PFX certificate
  • Preconfigured JWT Bearer authentication for API endpoints (accepts at+jwt access tokens)
  • Drop-in UI components for login, logout, profile, and simple admin experiences

Requirements

  • .NET 8
  • ASP.NET Core app (Razor Components/Blazor Server or MVC + Components)
  • An OpenID Connect authority (e.g., IdentityServer, Entra ID, Auth0, etc.) configured for your client

Installation

Install from NuGet:

dotnet add package Vorn.Aaas.Client

(The API client is brought in transitively.)

Configuration

Add the Vorn:Aaas section to your appsettings.json or environment variables:

{
 "Vorn": {
 "Aaas": {
 "Authority": "https://auth.example.com",
 "ClientId": "your-client-id",
 "Secret": "your-client-secret",
 "CookieExpirationDays": 14,
 "DataProtectionPassword": "use-a-strong-secret"
 }
 }
}

Settings reference (see Vorn.Aaas.Client.Api.Models.AaasOptions):

  • Authority (required): OIDC authority base URL
  • ClientId (required): Registered OIDC client ID
  • Secret (required): Client secret used for token revocation and API calls if applicable
  • CookieExpirationDays (optional): Sliding cookie expiration window; default 14
  • DataProtectionPassword (recommended): Password used to protect the generated DataProtection.pfx
  • DataProtectionDomain (optional): Not required by the client; the domain is inferred from Authority

Quick start

Program setup in Program.cs:

var builder = WebApplication.CreateBuilder(args);

// Registers OIDC Cookie + JWT auth, authorization policies, services, components, API client, data protection, etc.
builder.AddAaasClient();

var app = builder.Build();

// Adds HSTS/HTTPS, static files, authN, owner-id middleware, authZ, antiforgery, and auth endpoints
app.UseAaasClient();

// Map your components/routes as usual
// app.MapRazorComponents<App>().AddInteractiveServerRenderMode();

app.Run();

Add component import(s) once (e.g., to _Imports.razor):

@using Vorn.Aaas.Client.Components
@using Vorn.Aaas.Client.Components.Admin

Authentication endpoints

The library maps the following endpoints under the /authentication route group:

  • GET /authentication/login?returnUrl=/path — challenges OIDC and redirects back
  • POST /authentication/logout — signs out, revokes refresh token, and redirects

Authorization

The default policy requires an authenticated user and a valid access claim. An Admin policy is defined for privileged operations.

Constants are available in Vorn.Aaas.Client.Constants.AaasConstants:

  • AaasConstants.Admin — policy name for admin access
  • AaasConstants.AccessClaim — the access claim type ("access")

Examples:

using Microsoft.AspNetCore.Authorization;
using Vorn.Aaas.Client.Constants;

[Authorize] // default policy requires access claim
public class SecurePageModel : PageModel { }

[Authorize(Policy = AaasConstants.Admin)]
public class AdminPageModel : PageModel { }

Access service

Use IAccessService to initialize and query the current user’s access and manage client users/roles.

@inject Vorn.Aaas.Client.Services.IAccessService AccessService

@code {
 protected override async Task OnInitializedAsync()
 {
 await AccessService.InitializeAsync(); // uses configured ClientId by default

 // Current user
 var me = AccessService.User;
 var access = AccessService.Access; // includes roles/readers/writers/Admin flag

 // All client users (if you have Admin access)
 var users = AccessService.Users;
 }
}

Admin flows can update access (when Access.Admin is true):

await AccessService.SetUserAccessAsync(userId, clientId, accessValue);
await AccessService.RemoveUserAccessAsync(userId, clientId);

UI components

These Razor components are available to drop into your app:

  • AaasLogin — show a login button/flow
  • AaasLogout — show a logout button/flow
  • AaasProfile — basic profile info for the current user
  • Admin components:
    • AccessUsersMatrix
    • AccessClaimsMatrix
    • RoleEditor

Example:

<AaasLogin />
<AaasProfile />

@attribute [Authorize(Policy = Vorn.Aaas.Client.Constants.AaasConstants.Admin)]
<AccessUsersMatrix />

Data Protection

AddAaasClient configures ASP.NET Core Data Protection to:

  • Persist keys to ./Keys
  • Protect keys with a generated DataProtection.pfx (CN derived from Vorn:Aaas:Authority)
  • Use Vorn:Aaas:DataProtectionPassword to secure the PFX

Recommendations:

  • Do not commit DataProtection.pfx or Keys/ to source control; persist them across deployments with external storage
  • Provide DataProtectionPassword via environment variables or user-secrets in development

JWT Bearer for APIs

AddAaasClient also configures JwtBearerDefaults.AuthenticationScheme with:

  • Authority = Vorn:Aaas:Authority
  • ValidateAudience = false (adjust to your needs)
  • ValidTypes = [ "at+jwt" ]

Use it on API controllers as needed:

using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;

[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
[ApiController]
[Route("api/[controller]")]
public class ValuesController : ControllerBase { }

Troubleshooting

  • Correlation failed during OIDC login: The library clears cookies and redirects to a user-friendly error. Ensure your app’s public URL, proxy headers, and cookie domains are configured correctly.
  • Infinite login loop: Check the Vorn:Aaas:Authority, client registration, and required scopes/claims. Clear cookies and try again.
  • Data protection key issues across instances: Persist the Keys/ folder and DataProtection.pfx across all instances, or configure a shared key repository (e.g., Redis, blob storage) and a shared certificate.

Example minimal Program.cs

var builder = WebApplication.CreateBuilder(args);
builder.AddAaasClient();
var app = builder.Build();
app.UseAaasClient();
app.Run();

License

See the repository’s license file for details.

Product Versions Compatible and additional computed target framework versions.
.NET net8.0 net8.0 is compatible.  net8.0-android net8.0-android was computed.  net8.0-browser net8.0-browser was computed.  net8.0-ios net8.0-ios was computed.  net8.0-maccatalyst net8.0-maccatalyst was computed.  net8.0-macos net8.0-macos was computed.  net8.0-tvos net8.0-tvos was computed.  net8.0-windows net8.0-windows was computed.  net9.0 net9.0 was computed.  net9.0-android net9.0-android was computed.  net9.0-browser net9.0-browser was computed.  net9.0-ios net9.0-ios was computed.  net9.0-maccatalyst net9.0-maccatalyst was computed.  net9.0-macos net9.0-macos was computed.  net9.0-tvos net9.0-tvos was computed.  net9.0-windows net9.0-windows was computed.  net10.0 net10.0 was computed.  net10.0-android net10.0-android was computed.  net10.0-browser net10.0-browser was computed.  net10.0-ios net10.0-ios was computed.  net10.0-maccatalyst net10.0-maccatalyst was computed.  net10.0-macos net10.0-macos was computed.  net10.0-tvos net10.0-tvos was computed.  net10.0-windows net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
9.1.2 299 11/16/2025
9.1.1 217 11/15/2025
9.1.0 215 11/15/2025
9.0.2 301 11/10/2025
9.0.1 189 11/9/2025
9.0.0 225 11/5/2025
8.9.7 289 11/30/2025
8.9.6 289 11/30/2025
8.9.5 297 11/30/2025
8.9.4 150 11/29/2025
8.9.3 147 11/29/2025
8.9.2 192 11/23/2025
8.9.1 194 11/23/2025
8.9.0 243 11/9/2025
8.8.0 238 11/2/2025
8.7.1 225 10/29/2025
8.7.0 240 10/27/2025
8.6.2 230 10/27/2025
8.6.1 188 10/25/2025
8.6.0 186 10/25/2025
Loading failed