NikiforovAll/keycloak-authorization-services-dotnet

Provide extension of `AuthenticationBuilder` to avoid duplicate adding of authentication services

Closed this issue · 2 comments

The only methods that allow users to register auth services are the `AddKeycloakAuthentication` extension methods on `IServiceCollection`.

These internally call `services.AddAuthentication("Bearer")`, which is fine when Keycloak is the primary/default auth service.

However, in a scenario where there are several providers and another provider is the default, it gets a bit messier (leading potentially to several calls to AddAuthentication, which is weird).

It's generally not good practice to rewrap calls to such a common API as `AddAuthentication` in third-party libraries. I think it'd be much cleaner to provide an extra set of extensions, but on `AuthenticationBuilder`, that would let one basically set up the library the following way:

```csharp
services.AddAuthentication()
    .AddKeycloak("MyKeycloakProvider", options => { /* ... */ })
    /* add other providers */
    ;
```

That's a great idea.

I'm thinking of `AddKeycloakWebApi`, similar to `AddMicrosoftIdentityWebApi` from `Microsoft.Identity.Web`.

ref: https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/blob/master/1-WebApp-OIDC/1-1-MyOrg/Startup.cs#L38
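
A sketch of the shape requested in this issue, added here as an example and not the library's own code: Keycloak registered as a named JWT bearer scheme on an existing `AuthenticationBuilder`, with another provider kept as the default. `AddKeycloak`, `KeycloakSchemeOptions`, the scheme names and the sample URL, realm and audience are hypothetical, and the authority is assumed to follow the `{base}/realms/{realm}` layout (include any `/auth` prefix in the base URL).

```csharp
using System;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.DependencyInjection;

// Hypothetical options type for this sketch; not part of the library.
public sealed class KeycloakSchemeOptions
{
    public string AuthServerUrl { get; set; } = "";
    public string Realm { get; set; } = "";
    public string Audience { get; set; } = "";
}

public static class KeycloakAuthenticationBuilderExtensions
{
    // Hypothetical extension: adds a named scheme to the builder it is given
    // and never calls AddAuthentication, so the caller's default is untouched.
    public static AuthenticationBuilder AddKeycloak(
        this AuthenticationBuilder builder,
        string scheme,
        Action<KeycloakSchemeOptions> configure)
    {
        var kc = new KeycloakSchemeOptions();
        configure(kc);
        if (string.IsNullOrWhiteSpace(kc.AuthServerUrl) || string.IsNullOrWhiteSpace(kc.Realm))
            throw new ArgumentException("AuthServerUrl and Realm are required.", nameof(configure));

        return builder.AddJwtBearer(scheme, jwt =>
        {
            jwt.Authority = $"{kc.AuthServerUrl.TrimEnd('/')}/realms/{Uri.EscapeDataString(kc.Realm)}";
            jwt.Audience = kc.Audience;
            jwt.RequireHttpsMetadata = true;                        // metadata and keys over TLS only
            jwt.TokenValidationParameters.ValidateAudience = true;  // reject tokens minted for other clients
        });
    }
}

public static class AuthSetup
{
    // A single AddAuthentication call; the cookie scheme stays the default.
    public static void Configure(IServiceCollection services) =>
        services.AddAuthentication("Cookies")
            .AddCookie("Cookies")
            .AddKeycloak("MyKeycloakProvider", o =>
            {
                o.AuthServerUrl = "https://sso.example.test/"; // constructed sample value
                o.Realm = "demo";                              // constructed sample value
                o.Audience = "orders-api";                     // constructed sample value
            });
}
```

Because Keycloak is not the default scheme in this setup, endpoints that should accept its tokens have to name the scheme explicitly, for example `[Authorize(AuthenticationSchemes = "MyKeycloakProvider")]`; otherwise only the default handler runs.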