affolternet-web-bff

affolterNET.Web - Authentication & Authorization Libraries

This library collection provides flexible authentication and authorization modes for ASP.NET Core applications with YARP reverse proxy integration.

NuGet Packages

Package	NuGet	Description
affolterNET.Web.Core		Core authentication and authorization components
affolterNET.Web.Api		API authentication components
affolterNET.Web.Bff		BFF authentication with YARP reverse proxy integration

Installation

# Core package (required)
dotnet add package affolterNET.Web.Core

# For API authentication
dotnet add package affolterNET.Web.Api

# For BFF (Backend-for-Frontend) with YARP
dotnet add package affolterNET.Web.Bff

Claude Code Integration

This library includes Claude Code plugins for AI-assisted configuration. The plugins provide contextual guidance for service registration, authentication setup, YARP configuration, and more.

Plugin Installation

# Add the marketplace
/plugin marketplace add https://github.com/affolterNET/affolterNET.Web

# Install for BFF applications
/plugin install [email protected]

# Install for API applications
/plugin install [email protected]

Available Skills

BFF Plugin:

• bff-setup - Service registration and middleware pipeline
• keycloak-auth - Cookie-based OIDC authentication
• yarp-proxy - YARP reverse proxy configuration
• spa-integration - SPA fallback and 401 handling
• rpt-permissions - Permission-based authorization
• security - Headers, CORS, and antiforgery
• swagger - OpenAPI documentation
• customization - Middleware extension hooks

API Plugin:

• api-setup - Service registration and middleware
• jwt-auth - JWT Bearer authentication
• security - Headers and CORS
• swagger - OpenAPI documentation
• health-checks - Health check endpoints

Development

Building Packages Locally

Use the provided script to build and test packages locally:

# Build, test, and pack version 1.0.0
./manage-packages.sh 1.0.0

# Only build
./manage-packages.sh 1.0.0 build

# Only pack packages
./manage-packages.sh 1.0.0 pack

# Publish to local NuGet source for testing
./manage-packages.sh 1.0.0 publish-local

CI/CD Pipeline

The repository includes GitHub Actions workflows for:

• Continuous Integration: Build and test on every push/PR
• Package Publishing: Automatic NuGet publishing on releases
• Version Management: Automatic versioning with preview builds

To publish to NuGet.org:

1. Add NUGET_API_KEY to repository secrets
2. Create a release with version tag (e.g., v1.0.0)
3. Packages will be automatically published

This library provides flexible authentication and authorization modes for ASP.NET Core applications with YARP reverse proxy integration.

Authentication Modes

┌─────────────────────────────────────────────────────────────────────────────────┐
│                               AUTHENTICATION MODES                              │
└─────────────────────────────────────────────────────────────────────────────────┘

┌─────────────────┐  ┌─────────────────┐  ┌─────────────────────────────────────┐
│      NONE       │  │   AUTHENTICATE  │  │             AUTHORIZE               │
│                 │  │     (LOGIN)     │  │                                     │
│ Anonymous       │  │ Login Required  │  │ Login + Permission Claims Required  │
│ Access          │  │ No Permissions  │  │ Fine-grained Access Control         │
└─────────────────┘  └─────────────────┘  └─────────────────────────────────────┘