Skip to content

.NET: Switch auth sample to use Singletons #4454

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
westey-m merged 5 commits into from
Mar 5, 2026
Merged

.NET: Switch auth sample to use Singletons #4454

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
96601cb
Switch auth sample to use Singletons
westey-m Mar 4, 2026
5262d3e
Address PR comments
westey-m Mar 4, 2026
66ed588
Add comment to warn users to choose the appropriate lifetime for thei…
westey-m Mar 4, 2026
afc44aa
Merge branch 'main' into auth-sample-singlton
westey-m Mar 4, 2026
7f05295
Merge branch 'main' into auth-sample-singlton
westey-m Mar 5, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions dotnet/samples/05-end-to-end/AspNetAgentAuthorization/Service/Program.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,9 +76,9 @@
string model = builder.Configuration["OPENAI_MODEL"] ?? "gpt-4.1-mini";

builder.Services.AddHttpContextAccessor();
builder.Services.AddScoped<IUserContext, KeycloakUserContext>();
builder.Services.AddScoped<ExpenseService>();
builder.Services.AddScoped<AIAgent>(sp =>
builder.Services.AddSingleton<IUserContext, KeycloakUserContext>();
Comment thread
westey-m marked this conversation as resolved.
builder.Services.AddSingleton<ExpenseService>();
builder.Services.AddSingleton<AIAgent>(sp =>
{
var expenseService = sp.GetRequiredService<ExpenseService>();

Expand Down
78 changes: 51 additions & 27 deletions dotnet/samples/05-end-to-end/AspNetAgentAuthorization/Service/UserContext.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,43 +27,67 @@ public interface IUserContext
/// Keycloak uses <c>sub</c> for the user ID, <c>preferred_username</c>
/// for the login name, <c>given_name</c>/<c>family_name</c> for the
/// display name, and <c>scope</c> (space-delimited) for granted scopes.
/// Registered as a scoped service so it is resolved once per request.
/// Registered as a singleton — properties are read from the current
/// <see cref="HttpContext"/> on every access.
/// </summary>
public sealed class KeycloakUserContext : IUserContext
{
public string UserId { get; }

public string UserName { get; }

public string DisplayName { get; }

public IReadOnlySet<string> Scopes { get; }
private readonly IHttpContextAccessor _httpContextAccessor;

public KeycloakUserContext(IHttpContextAccessor httpContextAccessor)
{
ClaimsPrincipal? user = httpContextAccessor.HttpContext?.User;
this._httpContextAccessor = httpContextAccessor;
}

this.UserId = user?.FindFirstValue(ClaimTypes.NameIdentifier)
?? user?.FindFirstValue("sub")
?? "anonymous";
public string UserId
{
get
{
ClaimsPrincipal? user = this.CurrentUser;
return user?.FindFirstValue(ClaimTypes.NameIdentifier)
?? user?.FindFirstValue("sub")
?? "anonymous";
}
}

this.UserName = user?.FindFirstValue("preferred_username")
?? user?.FindFirstValue(ClaimTypes.Name)
?? "unknown";
public string UserName
{
get
{
ClaimsPrincipal? user = this.CurrentUser;
return user?.FindFirstValue("preferred_username")
?? user?.FindFirstValue(ClaimTypes.Name)
?? "unknown";
}
}

string? givenName = user?.FindFirstValue("given_name") ?? user?.FindFirstValue(ClaimTypes.GivenName);
string? familyName = user?.FindFirstValue("family_name") ?? user?.FindFirstValue(ClaimTypes.Surname);
this.DisplayName = (givenName, familyName) switch
public string DisplayName
{
get
{
(not null, not null) => $"{givenName} {familyName}",
(not null, null) => givenName,
(null, not null) => familyName,
_ => this.UserName,
};
ClaimsPrincipal? user = this.CurrentUser;
string? givenName = user?.FindFirstValue("given_name") ?? user?.FindFirstValue(ClaimTypes.GivenName);
string? familyName = user?.FindFirstValue("family_name") ?? user?.FindFirstValue(ClaimTypes.Surname);
return (givenName, familyName) switch
{
(not null, not null) => $"{givenName} {familyName}",
(not null, null) => givenName,
(null, not null) => familyName,
_ => this.UserName,
};
}
}

string? scopeClaim = user?.FindFirstValue("scope");
this.Scopes = scopeClaim is not null
? new HashSet<string>(scopeClaim.Split(' ', StringSplitOptions.RemoveEmptyEntries), StringComparer.OrdinalIgnoreCase)
: new HashSet<string>(StringComparer.OrdinalIgnoreCase);
public IReadOnlySet<string> Scopes
{
get
{
string? scopeClaim = this.CurrentUser?.FindFirstValue("scope");
return scopeClaim is not null
? new HashSet<string>(scopeClaim.Split(' ', StringSplitOptions.RemoveEmptyEntries), StringComparer.OrdinalIgnoreCase)
: new HashSet<string>(StringComparer.OrdinalIgnoreCase);
}
Comment thread
westey-m marked this conversation as resolved.
Outdated
}

private ClaimsPrincipal? CurrentUser => this._httpContextAccessor.HttpContext?.User;
}
Loading