Address PR feedback: add Roles to single credentials, rename Admin to Administrator, use configured RoleClaimType

Co-authored-by: marcominerva <3522534+marcominerva@users.noreply.github.com>

Author: Copilot

samples/MinimalApis/ApiKeySample/Program.cs

@@ -1,6 +1,7 @@
 using System.Security.Claims;
 using ApiKeySample.Authentication;
 using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.Options;
 using SimpleAuthentication;
 using SimpleAuthentication.ApiKey;
 
@@ -55,16 +56,16 @@
 app.UseAuthentication();
 app.UseAuthorization();
 
-app.MapGet("api/me", (ClaimsPrincipal user) =>
+app.MapGet("api/me", (ClaimsPrincipal user, IOptions<ApiKeySettings> options) =>
 {
-    var roles = user.FindAll(ClaimTypes.Role).Select(c => c.Value);
+    var roles = user.FindAll(options.Value.RoleClaimType).Select(c => c.Value);
     return TypedResults.Ok(new User(user.Identity!.Name, roles));
 })
 .RequireAuthorization()
 .WithOpenApi();
 
-app.MapGet("api/admin", () => "Admin access granted")
-.RequireAuthorization(policy => policy.RequireRole("Admin"))
+app.MapGet("api/admin", () => "Administrator access granted")
+.RequireAuthorization(policy => policy.RequireRole("Administrator"))
 .WithOpenApi();
 
 app.MapGet("api/user", () => "User access granted")

samples/MinimalApis/ApiKeySample/appsettings.json

@@ -11,12 +11,13 @@
             // You can set a fixed API Key for authentication. If you have a single value, you can just use the plain property:
             "ApiKeyValue": "f1I7S5GXa4wQDgLQWgz0",
             "UserName": "ApiUser", // Required if ApiKeyValue is used
+            "Roles": [ "Administrator" ],
             // Otherwise, you can create an array of ApiKeys:
             "ApiKeys": [
                 {
                     "Value": "ArAilHVOoL3upX78Cohq",
                     "UserName": "alice",
-                    "Roles": [ "Admin", "User" ]
+                    "Roles": [ "Administrator", "User" ]
                 },
                 {
                     "Value": "DiUU5EqImTYkxPDAxBVS",

samples/MinimalApis/BasicAuthenticationSample/Program.cs

@@ -1,6 +1,7 @@
 using System.Security.Claims;
 using BasicAuthenticationSample.Authentication;
 using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.Options;
 using SimpleAuthentication;
 using SimpleAuthentication.BasicAuthentication;
 
@@ -55,16 +56,16 @@
 app.UseAuthentication();
 app.UseAuthorization();
 
-app.MapGet("api/me", (ClaimsPrincipal user) =>
+app.MapGet("api/me", (ClaimsPrincipal user, IOptions<BasicAuthenticationSettings> options) =>
 {
-    var roles = user.FindAll(ClaimTypes.Role).Select(c => c.Value);
+    var roles = user.FindAll(options.Value.RoleClaimType).Select(c => c.Value);
     return TypedResults.Ok(new User(user.Identity!.Name, roles));
 })
 .RequireAuthorization()
 .WithOpenApi();
 
-app.MapGet("api/admin", () => "Admin access granted")
-.RequireAuthorization(policy => policy.RequireRole("Admin"))
+app.MapGet("api/admin", () => "Administrator access granted")
+.RequireAuthorization(policy => policy.RequireRole("Administrator"))
 .WithOpenApi();
 
 app.MapGet("api/user", () => "User access granted")

samples/MinimalApis/BasicAuthenticationSample/appsettings.json

@@ -8,12 +8,13 @@
             //"RoleClaimType": "user_role", // Default: http://schemas.microsoft.com/ws/2008/06/identity/claims/role
             "UserName": "marco",
             "Password": "P@$$w0rd",
+            "Roles": [ "Administrator" ],
             // Otherwise, you can create an array of Credentials:
             "Credentials": [
                 {
                     "UserName": "alice",
                     "Password": "Password1",
-                    "Roles": [ "Admin", "User" ]
+                    "Roles": [ "Administrator", "User" ]
                 },
                 {
                     "UserName": "bob",

src/SimpleAuthentication.Abstractions/ApiKey/ApiKeySettings.cs

@@ -41,6 +41,13 @@ public class ApiKeySettings : AuthenticationSchemeOptions
     /// <seealso cref="ApiKeyValue"/>
     public string? UserName { get; set; }
 
+    /// <summary>
+    /// Gets or sets the optional list of roles to assign to the user when using <see cref="ApiKeyValue"/> and <see cref="UserName"/>.
+    /// </summary>
+    /// <seealso cref="ApiKeyValue"/>
+    /// <seealso cref="UserName"/>
+    public string[]? Roles { get; set; }
+
     private ICollection<ApiKey> apiKeys = [];
     /// <summary>
     /// The collection of valid API keys.
@@ -53,7 +60,7 @@ public ICollection<ApiKey> ApiKeys
             if (!string.IsNullOrWhiteSpace(ApiKeyValue) && !string.IsNullOrWhiteSpace(UserName))
             {
                 // If necessary, add the API Key from the base properties.
-                apiKeys.Add(new(ApiKeyValue, UserName));
+                apiKeys.Add(new(ApiKeyValue, UserName, Roles));
             }
 
             return apiKeys;

src/SimpleAuthentication.Abstractions/BasicAuthentication/BasicAuthenticationSettings.cs

@@ -30,6 +30,13 @@ public class BasicAuthenticationSettings : AuthenticationSchemeOptions
     /// <seealso cref="IBasicAuthenticationValidator"/>
     public string? Password { get; set; }
 
+    /// <summary>
+    /// Gets or sets the optional list of roles to assign to the user when using <see cref="UserName"/> and <see cref="Password"/>.
+    /// </summary>
+    /// <seealso cref="UserName"/>
+    /// <seealso cref="Password"/>
+    public string[]? Roles { get; set; }
+
     private ICollection<Credential> credentials = [];
     /// <summary>
     /// The collection of authorization credentials.
@@ -42,7 +49,7 @@ public ICollection<Credential> Credentials
             if (!string.IsNullOrWhiteSpace(UserName) && !string.IsNullOrWhiteSpace(Password))
             {
                 // If necessary, add the credentials from the base properties.
-                credentials.Add(new Credential(UserName, Password));
+                credentials.Add(new Credential(UserName, Password, Roles));
             }
 
             return credentials;