Releases: Hawxy/Fga.Net
Releases · Hawxy/Fga.Net
v2.0.0
Breaking Changes
- Dropped support for .NET 6/7. 8+ is required.
- Updated the FGA token issuer from
fga.us.auth0.com
toauth.fga.dev
in line with upstream requirements. - Removed obsolete
SetConnection
overload. - Set minimum
OpenFga.Sdk
version to 0.5.1.
New Features
- Added support for supplying contextual tuples as part of an attribute via
GetContextualTuple
- Added support for configuring FGA's telemetry configuration.
v1.2
v1.1
Breaking Changes
- Update to OpenFga.Sdk 0.3.0. This release contains a number of breaking changes to contract types and I'd recommend reading the upstream release notes.
Misc
- Marked
SetConnection
with schema overload as obsolete inline with upstream. - Adjusted authorization handler to throw an exception if the incorrect routing context (ie non-endpoint routing) is passed in rather than silently failing. Please open an issue if this has any unintended side-effects. (Closes #13)
v1.0
v1.0 Beta 1 🚀
This releases contains considerable breaking changes to the configuration. I consider this API final for the v1.0 release pending any usability issues.
Breaking changes
- DSL v1.1 is now a hard requirement.
- Added a new configuration builder that encapsulates all out of the box authentication scenarios to improve DX
builder.Services.AddOpenFgaClient(config =>
{
- config.WithAuth0FgaDefaults(builder.Configuration["Auth0Fga:ClientId"], builder.Configuration["Auth0Fga:ClientSecret"]);
- config.StoreId = builder.Configuration["Auth0Fga:StoreId"];
});
builder.Services.AddOpenFgaMiddleware(middlewareConfig =>
{
- middlewareConfig.UserIdentityResolver = principal => $"user:{principal.Identity!.Name!}";
});
builder.Services.AddOpenFgaClient(config =>
{
+ config.ConfigureAuth0Fga(x =>
+ {
+ x.WithAuthentication(builder.Configuration["Auth0Fga:ClientId"]!, builder.Configuration["Auth0Fga:ClientSecret"]!);
+ });
+ config.SetStoreId(builder.Configuration["Auth0Fga:StoreId"]!);
});
builder.Services.AddOpenFgaMiddleware(middlewareConfig =>
{
+ middlewareConfig.SetUserIdentifier("user", principal => principal.Identity!.Name!);
});
See the updated README for more information, including updated OpenFga configuration.
Features
- Added
PostConfigureFgaClient
to overwrite FGA configuration for testing scenarios.
Bug fixes
- Fixed an issue that resulted in the FGA clients refreshing access tokens on every request. FGA clients are now registered as singletons.
- Added validation & logging to the middleware to prevent invalid user identifiers reaching the FGA API and throwing an unhelpful exception.
v0.9 Alpha
New Features
- Added support for
OpenFgaClient
, this type offers ergonomic improvements overOpenFgaApi
and should be preferred. See the official post for more information. - The middleware will now perform a parallel check if multiple check attributes are present for a given endpoint.
- Added Minimal API extensions for the built-in attributes:
builder.MapGet("/", () => /****/)
// FgaHeaderObjectAttribute
.WithFgaHeaderCheck("x", "y", "z")
// FgaRouteObjectAttribute
.WithFgaRouteCheck("x", "y", "z")
// FgaQueryObjectAttribute
.WithFgaQueryCheck("x", "y", "z")
// FgaPropertyObjectAttribute
.WithFgaPropertyCheck("x", "y", "z");
- Improved logging if an exception occurs during a middleware check.
Breaking Changes
- Remove previously obsoleted
AddOpenFga
extension.
v0.8 Alpha
Breaking Changes
- Updated OpenFga.Sdk to 0.2.0
- Obsoleted
AddOpenFga
, useAddOpenFgaClient
&AddOpenFgaMiddleware
instead:
- builder.Services.AddOpenFga(clientConfig =>
{
clientConfig.WithAuth0FgaDefaults(builder.Configuration["Auth0Fga:ClientId"], builder.Configuration["Auth0Fga:ClientSecret"]);
clientConfig.StoreId = builder.Configuration["Auth0Fga:StoreId"];
- }, middlewareConfig =>
{
middlewareConfig.UserIdentityResolver = principal => principal.Identity!.Name!;
});
+ builder.Services.AddOpenFgaClient(clientConfig =>
{
clientConfig.WithAuth0FgaDefaults(builder.Configuration["Auth0Fga:ClientId"], builder.Configuration["Auth0Fga:ClientSecret"]);
clientConfig.StoreId = builder.Configuration["Auth0Fga:StoreId"];
});
+ builder.Services.AddOpenFgaMiddleware(middlewareConfig =>
{
middlewareConfig.UserIdentityResolver = principal => principal.Identity!.Name!;
});
New Features
FgaPropertyObjectAttribute
now parses JSON asynchronously.- Dual-targeted .NET 6 & .NET 7
Note about DSL v1.1
In order to use the built-in attributes with DSL v1.1, you must pass in a user type via the resolver:
config.UserIdentityResolver = principal => $"user:{principal.Identity!.Name!}";
This is a bit clunky, so expect this syntax to change in a future release. If you encounter any other rough edges with v1.1, please open an issue.
v0.7 Alpha
Breaking Changes
TupleCheckAttribute
->FgaAttribute
StringTupleCheckAttribute
->FgaStringAttribute
- Updated OpenFga.Sdk to 0.1.0
New Features
- Added a number of new attributes to cover common FGA authorization scenarios, see the README for more info.
- Added additional logging & error handling to FGA middleware.
v0.6 Alpha
Breaking Changes
- This project now hangs off OpenFga.Sdk instead the Auth0 FGA client, and thus is now compatible with both OpenFGA & Auth0 FGA
- The DI Extensions have been renamed to reflect this change:
// old
builder.Services.AddAuth0Fga(x =>
{
x.ClientId = builder.Configuration["Auth0Fga:ClientId"];
x.ClientSecret = builder.Configuration["Auth0Fga:ClientSecret"];
x.StoreId = builder.Configuration["Auth0Fga:StoreId"];
});
// new
builder.Services.AddOpenFga(x =>
{
x.WithAuth0FgaDefaults(builder.Configuration["Auth0Fga:ClientId"], builder.Configuration["Auth0Fga:ClientSecret"]);
x.StoreId = builder.Configuration["Auth0Fga:StoreId"];
});
- The
WithAuth0FgaDefaults
extension has been added to allow easy setup of the OpenFGA client for Auth0 FGA.
See the README for OpenSDK usage.
v0.5 Alpha
- Update to Auth0.Fga v0.3.1 and deal with breaking changes
- Add debug logging to middleware
- Enable Middleware tests once again