Dangl.RestClient
This project provides DanglHttpClient to easily interact with all Dangl web services.
To avoid TCP exhaustion, HttpClients and derived types should always be used as singletons.
ITokenHandler
The ITokenHandler is an interface that be be used to support the automatic
obtaining of Tokens and refreshing them. It can be configured to support either of
the functionalities or none at all. If none is supplied, by default a NoOpTokenHandler
is used that does not perform any operations.
It can be used, for example, in server backends that use the ClientCredentials grant.
If you want to act when a token is obtained or refreshed, you can use the EventHandler<TokenUpdateEventArgs> TokenUpdate
event on the ITokenHandler.
ITokenStorage
The ITokenStorage is an interface that is used to store and persist tokens, e.g.
it could use the local app storage on a mobile app or the database in a server application.
It is used so that only tokens and not the full user credentials need to be stored.
By default, there's an InMemoryTokenStorage for non-persisting use available.
DanglHttpClientAccessor
This is a simple class that only keeps a reference to an HttpClient. When the HttpClientFactory pattern
is used, this class can be specified as a dependency to be able to have easy access via dependency injection to
a correctly lifetime-managed HttpClient.
FallbackHandler
The FallbackHandler is a DelegatingHandler that can be configured with multiple baseUrls. If a request
is returning an error that can possibly be recovered from by pointing to a fallback, the request is sent again
to the next available fallback url.
AuthenticationHandler
The AuthenticationHandler internally uses ITokenHandler and ITokenStorage to append OAuth2 Bearer
authentication to whitelisted urls.
GzipHandler
The GzipHandler is an implementation of DelegatingHandler that sends requests gzip compressed.
DependencyInjection
The AddDanglHttpClient<T>() method can be used to register an HttpClient with both an AuthenticationHandler
and a FallbackHandler via the HttpClientFactory pattern.
Dangl.RestClient.Identity.Server
The Dangl.RestClient.Identity.Server package contains a DanglIdentityServerTokenHandler which
can be used in server-side applications that want to authenticate with ClientCredentials grant
against Dangl.Identity.
It works based on the passed-in ITokenStorage and is safe to use as a singleton throughout the app lifetime.
Dangl.RestClient.Identity.TrustedServer
This is intended to be used in server-based applications developed by DanglIT.
Dangl.Identity clients may make inter-service calls that are authenticated via the OAuth2 ClientCredentials
grant type, meaning the services authenticate as themselves and do not have a user context. Some calls, however,
are made on behalf of the user. In some cases, you want to transmit user ids along with the request to indicate
who initiated the action. For example, Dangl.AVACloud conversions may be called by the Dangl.WebGAEB service.
In such cases, Dangl.WebGAEB may say "I'm doing the conversion for user Bob". This can be done between
trusted clients when using Dangl.Identity authentication.
The Dangl.Identity.Client.Mvc package has a UserInformationTransmissionHttpHandler that will append the user
information of the currently authenticated user to outgoing Http calls for trusted domains.
The acceptance of this transmitted data depends on the client having the user_delegation_allowed claim.
This claim is only available for trusted projects by DanglIT and not available for external customers.
Setup
The extension class Dangl.RestClient.Identity.TrustedServer.ServiceCollectionExtensions.AddTransientTrustedDanglRestClient()
allows you to add an implementation of the DanglHttpClient to the service collection. It will be registered as
type of TrustedDanglHttpClient, so services that want to use it should define it as such a dependency or you must
provide a custom factory method in the dependency injection for it to resolve correctly. This means that a service that
is intended to be used for inter-service communication should have a constructor signature like public MyService(TrustedDanglHttpClient httpClient).
Internally, the provisioning works in two ways:
- The inner http handler is kept around as singleton, to avoid TCP congestion / exhaustion that commonly occurs when
quickly creating and disposing
HttpClients. - Transiently, meaning for every request to the DI resolver, a new
UserInformationTransmissionHttpHandlerwill be created that gets itsIUserInfoServicefor the current request, so that the correct user information is read.
Dangl.RestClient.Identity.App
The Dangl.RestClient.Identity.App package contains a DanglIdentityAppTokenHandler which can
be used in client-side applications, meaning applications that are distributed to clients. It offers
functionality to integrate with web apps that make use of the Dangl.Identity.Client.Mvc package to
delegate login to Dangl.Identity.
It works based on the passed-in ITokenStorage and is safe to use as a singleton throughout the app lifetime.
While it is possible to instantiate this with username / email and password, it is advised that this is not done. A typical workflow in an app should be:
- On the login screen, ask the user to provide his credentials
- Perform a token-based authentication with the Dangl.Identity.Client.App package and store
the token in the used
ITokenStoreinstance. - Let the
DanglIdentityAppTokenHandlerhandle only token refresh.
Alternatively, you can set the user credentials in the DanglIdentityAppTokenHandler after instantiation via the SetUserCredentials method.
Assembly Strong Naming & Usage in Signed Applications
This module produces strong named assemblies when compiled. When consumers of this package require strongly named assemblies, for example when they
themselves are signed, the outputs should work as-is.
The key file to create the strong name is adjacent to the csproj file in the root of the source project. Please note that this does not increase
security or provide tamper-proof binaries, as the key is available in the source code per
Microsoft guidelines