Skip to content

v1.0 Beta 1 🚀

Compare
Choose a tag to compare
@Hawxy Hawxy released this 29 May 02:29
· 4 commits to main since this release
c59b3a9

This releases contains considerable breaking changes to the configuration. I consider this API final for the v1.0 release pending any usability issues.

Breaking changes

  • DSL v1.1 is now a hard requirement.
  • Added a new configuration builder that encapsulates all out of the box authentication scenarios to improve DX
builder.Services.AddOpenFgaClient(config =>
{
-     config.WithAuth0FgaDefaults(builder.Configuration["Auth0Fga:ClientId"], builder.Configuration["Auth0Fga:ClientSecret"]);
-     config.StoreId = builder.Configuration["Auth0Fga:StoreId"];  
});

builder.Services.AddOpenFgaMiddleware(middlewareConfig =>
{
-     middlewareConfig.UserIdentityResolver = principal => $"user:{principal.Identity!.Name!}";
});

builder.Services.AddOpenFgaClient(config =>
{
+     config.ConfigureAuth0Fga(x =>
+     {
+         x.WithAuthentication(builder.Configuration["Auth0Fga:ClientId"]!, builder.Configuration["Auth0Fga:ClientSecret"]!);
+     });
+     config.SetStoreId(builder.Configuration["Auth0Fga:StoreId"]!);
});

builder.Services.AddOpenFgaMiddleware(middlewareConfig =>
{
+     middlewareConfig.SetUserIdentifier("user", principal => principal.Identity!.Name!);
});

See the updated README for more information, including updated OpenFga configuration.

Features

  • Added PostConfigureFgaClient to overwrite FGA configuration for testing scenarios.

Bug fixes

  • Fixed an issue that resulted in the FGA clients refreshing access tokens on every request. FGA clients are now registered as singletons.
  • Added validation & logging to the middleware to prevent invalid user identifiers reaching the FGA API and throwing an unhelpful exception.