jpm.CliAuth.Discovery

Helpers for exposing a CLI auth discovery endpoint at /.well-known/cli-auth.

Usage

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddCliAuthOptions(builder.Configuration);

var app = builder.Build();

app.MapCliAuthDiscovery();

app.Run();

Manual configuration

builder.Services.AddCliAuthOptions(options =>
{
    options.Issuer = "https://issuer.example.com/realms/rem";
    options.ClientIdPublic = "rem-cli";
    options.Scopes = ["openid", "profile", "offline_access"];
    options.ExpectedRoleClaim = "roles";
    options.RequiredRoles = new CliAuthOptions.RequiredRolesOptions
    {
        Write = ["Release.Ingestor"]
    };
    options.Ci = new CliAuthOptions.CiOptions
    {
        Enabled = false,
        Provider = "azure_cli_token",
        Resource = "api://resource-id"
    };
    options.ClientCredentials = new CliAuthOptions.ClientCredentialsOptions
    {
        Enabled = true,
        Scope = "api://resource-id/.default"
    };
});

appsettings.json

{
  "CliAuth": {
    "Issuer": "https://issuer.example.com/realms/rem",
    "ClientIdPublic": "rem-cli",
    "Scopes": ["openid", "profile", "offline_access"],
    "ExpectedRoleClaim": "roles",
    "RequiredRoles": {
      "Write": ["Release.Ingestor"]
    },
    "Ci": {
      "Enabled": false,
      "Provider": "azure_cli_token",
      "Resource": "api://resource-id"
    },
    "ClientCredentials": {
      "Enabled": true,
      "Scope": "api://resource-id/.default"
    }
  }
}

jpmacarthur/jpm.CliAuth.Discoveryv0.2.5

Get Started

Readme

jpm.CliAuth.Discovery

Usage

Manual configuration

appsettings.json

Keywords

Maintainers