ASPSecurityKit.ServiceStack

Assembly: ASPSecurityKit.ServiceStack
Summary: Provides types to support ASPSecurityKit on the Service Stack web framework.

Classes

AcceptAuthCookieAttribute

Attribute to indicate that the associated request allows auth cookie based authentication.

AcceptHmacTokenInQueryStringAttribute

Attribute to indicate that the associated request allows HMAC token in queryString based authentication.

AcceptServiceHmacTokenAttribute

Attribute to indicate that the associated request allows service HMAC token based authentication.

AcceptServiceKeyAttribute

Attribute to indicate that the associated request allows service key based authentication.

ActivityPermittedHandler

Implements the IActivityPermittedHandler for service stack.

AllowAnonymousAttribute

Attribute to indicate that the associated request is accessible to users who aren’t authenticated (anonymous users).

AllowImpersonationAttribute

Attribute to indicate that the associated request is accessible during impersonation.

AllowPasswordExpiredAttribute

Attribute to indicate that the associated request is accessible even if the password has expired.

AllowSuspendedUserAttribute

Attribute to indicate that the associated request is accessible even if the user is suspended.

ASPSecurityKitFeature

ASP Security Kit plugin for Service Stack.

ASPSecurityKitRegistry

Encapsulates logic to register dependencies.

AuthActionAttribute

Attribute to indicate the complete permission code or action part of the permission code for activity-based authorization checks.

AuthEntityAttribute

Attribute to indicate the complete permission code or entity type part of the permission code for activity-based authorization checks.

AuthorizeRequestDefinitionRegistrar

Default implementation for IAuthorizeRequestDefinitionRegistrar.

AuthPermissionAttribute

Attribute to indicate the complete permission code for the associated request for activity-based authorization checks.

DisabledAttribute

Attribute to indicate that the associated request is disabled.

ExcludeBodyFromHmacAttribute

Attribute to indicate that the associated request’s body is ignored while creating HMAC token for authentication.

FeatureAttribute

Attribute to indicate one or more RequestFeature values for the associated request.

HttpMethodAttribute

Base type for security attributes that operate on one or more http methods.

MFANotRequiredAttribute

Attribute to indicate that the associated request is accessible even when multi-factor authentication is not yet done.

MultiFactorSettingAttribute

Attribute to indicate that the associated request is used to manage multi-factor settings. Hence should be accessible to enable MFA when MFA is enforced on user. Other APIs are blocked because user hasn’t enabled MFA.

PossessesPermissionCodeAttribute

Attribute to indicate that authorization should only check the existence of a permission code and skip entity instance-based check for the associated request. Don’t confuse it with general actions. See remarks for more information.

ProtectAttribute

A Service Stack request filter attribute that protects the associated service or endpoint by executing a strong security pipeline provided by ASPSecurityKit.

PublicAttribute

Attribute to indicate that the associated request is accessible with public keys (requiring no MFA/authorization checks).

RequestService

Implements the IServiceStackRequestService for Service Stack.

ServiceStackSecuritySettings

Implements the IServiceStackSecuritySettings.

SkipActivityAuthorizationAttribute

Attribute to indicate that the associated request doesn’t require activity-based authorization checks.

TypeExtensions

Defines utility methods.

VerificationNotRequiredAttribute

Attribute to indicate that the associated request is accessible to users who aren’t yet verified.

XssValidation

Provides methods to execute cross-site scripting (XSS) validation on the given request.

Interfaces

IAuthorizeRequestDefinition

Represents auth definition to provide authorization related methods for a request. Typically Created out of types that implements multiple auth definitions and mark themselves with IAuthorizeRequestDefinitionsContainer.

IAuthorizeRequestDefinitionRegistrar

Provides implementers a way to register authDefinitions that ASK can use to obtain entityId and/or perform authorization for the associated requests.

IAuthorizeRequestDefinitionsContainer

Marker interface for types that encapsulate authDefinitions such as GetId/IsAuthorize methods.

IServiceStackRequestService

Provides an abstraction to interact with service stack request/response objects.

IServiceStackSecuritySettings

Defines service stack related configuration settings for security pipeline.

Others

ASKRestHandler

Extends RestHandler to initialize ISecurityPipeline and other custom objects at request scope.