
Interface IAuthorizationCore

Namespace
FoundationaLLM.AuthorizationEngine.Interfaces
Assembly
FoundationaLLM.AuthorizationEngine.dll

Defines the methods for the authorization core.

public interface IAuthorizationCore

Methods

AllowAuthorizationRequestsProcessing(string, string)

Checks if a specified security principal is allowed to process authorization requests.

bool AllowAuthorizationRequestsProcessing(string instanceId, string securityPrincipalId)

Parameters

instanceId string

The FoundationaLLM instance id.

securityPrincipalId string

The id of the security principal whose authorization is checked.

Returns

bool

True if the security principal is allowed to process authorization requests.

CreateRoleAssignment(string, RoleAssignmentRequest)

Creates a role assignment for a specified security principal.

Task<RoleAssignmentOperationResult> CreateRoleAssignment(string instanceId, RoleAssignmentRequest roleAssignmentRequest)

Parameters

instanceId string

The FoundationaLLM instance identifier.

roleAssignmentRequest RoleAssignmentRequest

The role assignment request.

Returns

Task<RoleAssignmentOperationResult>

The role assignment result.

DeleteRoleAssignment(string, string)

Revokes a role from an Entra ID user or group.

Task<RoleAssignmentOperationResult> DeleteRoleAssignment(string instanceId, string roleAssignment)

Parameters

instanceId string

The FoundationaLLM instance identifier.

roleAssignment string

The role assignment object identifier.

Returns

Task<RoleAssignmentOperationResult>

The role assignment result.

DeleteSecretKey(string, string, string)

Deletes a specified secret key.

Task DeleteSecretKey(string instanceId, string contextId, string secretKeyId)

Parameters

instanceId string

The FoundationaLLM instance identifier.

contextId string

The identifier of the context containing the secret key to delete.

secretKeyId string

The unique identifier of the secret key being deleted.

Returns

Task

GetRoleAssignments(string, RoleAssignmentQueryParameters)

Returns a list of role assignments for the specified instance and resource path.

List<RoleAssignment> GetRoleAssignments(string instanceId, RoleAssignmentQueryParameters queryParameters)

Parameters

instanceId string

The FoundationaLLM instance identifier.

queryParameters RoleAssignmentQueryParameters

The RoleAssignmentQueryParameters providing the inputs for filtering the role assignments.

Returns

List<RoleAssignment>

The list of all role assignments for the specified instance.

GetSecretKeys(string, string)

Gets a list of SecretKey items that are associated with the specified instance and context.

List<SecretKey> GetSecretKeys(string instanceId, string contextId)

Parameters

instanceId string

The FoundationaLLM instance identifier.

contextId string

The identifier of the context for which the secret keys are retrieved.

Returns

List<SecretKey>

A list of SecretKey items.

Remarks

Each consumer of secret keys should have a unique context identifier. For example, FoundationaLLM resource providers could use the resource object identifier as the context identifier.

ProcessAuthorizationRequest(string, ActionAuthorizationRequest)

Processes an authorization request.

ActionAuthorizationResult ProcessAuthorizationRequest(string instanceId, ActionAuthorizationRequest authorizationRequest)

Parameters

instanceId string

The FoundationaLLM instance id.

authorizationRequest ActionAuthorizationRequest

The ActionAuthorizationRequest containing the details of the authorization request.

Returns

ActionAuthorizationResult

An ActionAuthorizationResult indicating whether the requested authorization was successful or not for each resource path.

UpsertSecretKey(string, SecretKey)

Creates a new SecretKey item or updates an existing one.

Task<string?> UpsertSecretKey(string instanceId, SecretKey secretKey)

Parameters

instanceId string

The FoundationaLLM instance identifier.

secretKey SecretKey

The SecretKey item containing the properties of the secret key being created or updated.

Returns

Task<string?>

If the secret key is being created, returns the secret value of the key. Otherwise, returns null.

ValidateSecretKey(ClientSecretKey)

Validates a secret key value.

Task<SecretKeyValidationResult> ValidateSecretKey(ClientSecretKey clientSecretKey)

Parameters

clientSecretKey ClientSecretKey

The ClientSecretKey containing the secret key value to validate.

Returns

Task<SecretKeyValidationResult>

A SecretKeyValidationResult item with the results of the validation.

Remarks

Each valid secret key has an associated virtual identity that is returned in the VirtualIdentity property. It is the responsibility of the caller to use the virtual identity to authorize the request.