HaveIBeenPwned.Client
is a .NET HTTP client for the "have i been pwned" API service from Troy Hunt. This library is comprised of three NuGet packages:
Consumers of the API can use the abstractions for the models returned from the API, while server APIs can consume and wrap the client.
Install from the .NET CLI:
dotnet add package HaveIBeenPwned.Client
Alternatively add manually to your consuming .csproj:
<PackageReference Include="HaveIBeenPwned.Client" Version="{VersionNumber}" />
Or, install using the NuGet Package Manager:
Install-Package HaveIBeenPwned.Client
To add all of the services to the dependency injection container, call one of the AddPwnedServices
overloads. From Minimal APIs for example, with using a named configuration section:
builder.Services.AddPwnedServices(
builder.Configuration.GetSection(nameof(HibpOptions)));
From a ConfigureServices
method, with an IConfiguration
instance:
services.AddPwnedServices(options =>
{
options.ApiKey = _configuration["HibpOptions:ApiKey"];
options.UserAgent = _configuration["HibpOptions:UserAgent"];
});
Then you can require any of the available DI-ready types:
IPwnedBreachesClient
: Breaches API.IPwnedPastesClient
: Pastes API.IPwnedPasswordsClient
: Pwned Passwords API.IPwnedClient
: Marker interface, for conveniently injecting all of the above clients into a single client.
If you're not using the DI approach, simply instantiate PwnedClient
with your API key and use it as you see fit.
IPwnedClient client = new PwnedClient("<API Key>");
// TODO: Use client...
To configure the HaveIBeenPwned.Client
, the following table identifies the well-known configuration object:
Depending on the .NET configuration provider your app is using, there are several well-known keys that map to the HibpOptions
that configure your usage of the HTTP client. When using environment variables, such as those in Azure App Service configuration or Azure Key Vault secrets, the following keys map to the HibpOption
instance:
Key | Data type | Default value |
---|---|---|
HibpOptions__ApiKey |
string |
null |
HibpOptions__UserAgent |
string |
".NET HIBP Client/{AssemblyFileVersion}" |
The ApiKey
is required, to get one — sign up here: https://haveibeenpwned.com/api/key
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"AllowedHosts": "*",
"HibpOptions": {
"ApiKey": "<YourApiKey>",
"UserAgent": "<YourUserAgent>"
}
}
For more information, see JSON configuration provider.