menfra.auth-blaze
3.2.3
dotnet add package menfra.auth-blaze --version 3.2.3
NuGet\Install-Package menfra.auth-blaze -Version 3.2.3
<PackageReference Include="menfra.auth-blaze" Version="3.2.3" />
paket add menfra.auth-blaze --version 3.2.3
#r "nuget: menfra.auth-blaze, 3.2.3"
// Install menfra.auth-blaze as a Cake Addin #addin nuget:?package=menfra.auth-blaze&version=3.2.3 // Install menfra.auth-blaze as a Cake Tool #tool nuget:?package=menfra.auth-blaze&version=3.2.3
Auth-Blaze
Auth-Blaze is a middleware package for C# .NET applications that enforces zero trust principles by verifying identity, device, and contextual information for every request. Auth-Blaze provides robust security through multi-factor authentication (MFA), IP geolocation restrictions, and token validation for API requests, ensuring that only trusted users and devices gain access.
Key Features
- Zero Trust Verification: Authenticates identity, device, and request context to enforce zero trust policies.
- Multi-Factor Authentication (MFA): Supports MFA to strengthen user authentication.
- IP Geolocation-Based Restrictions: Limits access based on the user’s geographic location.
- Access Token Validation: Validates access tokens for every API request to confirm authorization.
- Customizable Policies: Easily configure access policies and thresholds for MFA, IP checks, and token validation.
Getting Started
Installation
Install Auth-Blaze via NuGet Package Manager Console:
Install-Package Auth-Blaze
Or, add it to your .csproj file:
<PackageReference Include="Auth-Blaze" Version="1.0.0" />
Setup and Configuration
To begin, initialize Auth-Blaze in your application’s startup file (e.g., Startup.cs) and configure the middleware with your desired zero trust policies.
// Startup.cs
using AuthBlaze;
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthBlaze(options =>
{
options.EnableMFA = true; // Enable Multi-Factor Authentication (MFA)
options.RestrictByGeolocation = true; // Enable IP geolocation-based access restrictions
options.TokenValidation = true; // Validate access tokens for API requests
options.AllowedGeolocations = new List<string> { "US", "DE", "CA" }; // Allowed IP geolocations
});
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseAuthBlaze(); // Enable Auth-Blaze middleware in the request pipeline
}
}
Usage
Auth-Blaze automatically validates requests based on identity, device, and context. When applied as middleware, it intercepts each request to ensure compliance with zero trust policies before the request reaches application endpoints.
Example 1: Enforcing Multi-Factor Authentication (MFA)
Auth-Blaze triggers MFA checks during login. If MFA is enabled, users are required to complete an additional verification step, such as entering a code from an authenticator app.
// Startup.cs
using AuthBlaze;
public class LoginService
{
private readonly IAuthBlaze _authBlaze;
public LoginService(IAuthBlaze authBlaze)
{
_authBlaze = authBlaze;
}
public async Task<bool> LoginAsync(string username, string password)
{
bool isAuthenticated = await _authBlaze.AuthenticateAsync(username, password);
if (isAuthenticated)
{
bool mfaResult = await _authBlaze.EnforceMFAAsync(username);
return mfaResult;
}
return false;
}
}
Example 2: Restricting Access Based on Geolocation
Auth-Blaze can block access if the user’s IP geolocation does not match the allowed locations configured in the setup.
using AuthBlaze;
public class RequestService
{
private readonly IAuthBlaze _authBlaze;
public RequestService(IAuthBlaze authBlaze)
{
_authBlaze = authBlaze;
}
public void HandleRequest(HttpContext context)
{
if (!_authBlaze.IsGeolocationAllowed(context))
{
// Reject request or return a "403 Forbidden" response
context.Response.StatusCode = 403;
context.Response.WriteAsync("Access denied based on geolocation.");
}
}
}
Example Scenarios
- Multi-Factor Authentication: Strengthens authentication by requiring MFA for sensitive operations.
- IP Geolocation Blocking: Restricts access from specific countries or regions.
- Access Token Validation: Ensures that only authorized requests with valid tokens are processed.
- Contextual Device Verification: Confirms that requests originate from trusted devices, helping to prevent session hijacking.
Contributing
We welcome contributions! Please open an issue or submit a pull request if you have suggestions or improvements.
License
This project is licensed under the MIT License - see the LICENSE file for details.
#Contact For questions or feedback, please contact [[email protected]].
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
-
net6.0
- Microsoft.AspNetCore.Http.Abstractions (>= 2.2.0)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 9.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last updated |
|---|---|---|
| 3.2.3 | 51 | 11/12/2024 |