Table of Contents

Class AuthorizationServiceClient

Namespace
FoundationaLLM.Common.Clients
Assembly
FoundationaLLM.Common.dll

Provides methods for interacting with the Authorization API.

public class AuthorizationServiceClient : IAuthorizationServiceClient
Inheritance
AuthorizationServiceClient
Implements
Inherited Members
Extension Methods

Constructors

AuthorizationServiceClient(IHttpClientFactory, IOptions<AuthorizationServiceClientSettings>, ILogger<AuthorizationServiceClient>)

Initializes a new instance of the AuthorizationServiceClient class.

public AuthorizationServiceClient(IHttpClientFactory httpClientFactory, IOptions<AuthorizationServiceClientSettings> options, ILogger<AuthorizationServiceClient> logger)

Parameters

httpClientFactory IHttpClientFactory

The centralized factory from which to create HTTP clients.

options IOptions<AuthorizationServiceClientSettings>

AuthorizationServiceClientSettings options.

logger ILogger<AuthorizationServiceClient>

The logger used for logging.

Methods

CreateRoleAssignment(string, RoleAssignmentRequest, UnifiedUserIdentity)

Creates a new role assignment.

public Task<RoleAssignmentOperationResult> CreateRoleAssignment(string instanceId, RoleAssignmentRequest roleAssignmentRequest, UnifiedUserIdentity userIdentity)

Parameters

instanceId string

The FoundationaLLM instance identifier.

roleAssignmentRequest RoleAssignmentRequest

The RoleAssignmentRequest containing the details of the role assignment to be created.

userIdentity UnifiedUserIdentity

The user identity.

Returns

Task<RoleAssignmentOperationResult>

A RoleAssignmentOperationResult containing information about the result of the operation.

DeleteRoleAssignment(string, string, UnifiedUserIdentity)

Deletes a role assignment.

public Task<RoleAssignmentOperationResult> DeleteRoleAssignment(string instanceId, string roleAssignment, UnifiedUserIdentity userIdentity)

Parameters

instanceId string

The FoundationaLLM instance identifier.

roleAssignment string

The role assignment object identifier.

userIdentity UnifiedUserIdentity

The user identity.

Returns

Task<RoleAssignmentOperationResult>

A RoleAssignmentOperationResult containing information about the result of the operation.

DeleteSecretKey(string, string, string)

Deletes a specified secret key.

public Task DeleteSecretKey(string instanceId, string contextId, string secretKeyId)

Parameters

instanceId string

The FoundationaLLM instance identifier.

contextId string

The identifier of the context containing the secret key to delete.

secretKeyId string

The unique identifier of the secret key being deleted.

Returns

Task

GetRoleAssignments(string, RoleAssignmentQueryParameters, UnifiedUserIdentity)

Returns a list of role assignments.

public Task<List<RoleAssignment>> GetRoleAssignments(string instanceId, RoleAssignmentQueryParameters queryParameters, UnifiedUserIdentity userIdentity)

Parameters

instanceId string

The FoundationaLLM instance identifier.

queryParameters RoleAssignmentQueryParameters

The RoleAssignmentQueryParameters providing the inputs for filtering the role assignments.

userIdentity UnifiedUserIdentity

The user identity.

Returns

Task<List<RoleAssignment>>

The list of all role assignments for the specified instance.

GetSecretKeys(string, string)

Gets a list of SecretKey items that are associated with the specified instance and context.

public Task<List<SecretKey>> GetSecretKeys(string instanceId, string contextId)

Parameters

instanceId string

The FoundationaLLM instance identifier.

contextId string

The identifier of the context for which the secret keys are retrieved.

Returns

Task<List<SecretKey>>

A list of SecretKey items.

Remarks

Each consumer of secret keys should have a unique context identifier. For example, FoundationaLLM resource providers could use the resource object identifier as the context identifier.

ProcessAuthorizationRequest(string, string, List<string>, bool, bool, bool, UnifiedUserIdentity)

Processes an action authorization request.

public Task<ActionAuthorizationResult> ProcessAuthorizationRequest(string instanceId, string action, List<string> resourcePaths, bool expandResourceTypePaths, bool includeRoleAssignments, bool includeActions, UnifiedUserIdentity userIdentity)

Parameters

instanceId string

The FoundationaLLM instance id.

action string

The action identifier.

resourcePaths List<string>

The resource paths.

expandResourceTypePaths bool

A value indicating whether to expand resource type paths that are not authorized.

includeRoleAssignments bool
includeActions bool

A value indicating whether to include authorizable actions in the response.

userIdentity UnifiedUserIdentity

The user identity.

Returns

Task<ActionAuthorizationResult>

An ActionAuthorizationResult containing the result of the processing.

Remarks

If the action specified by action is not authorized for a resource type path, and expandResourceTypePaths is set to true, the response will include any authorized resource paths matching the resource type path.

If includeRoles is set to true, for each authrorized resource path, the response will include the roles assigned directly or indirectly to the resource path.

If action is set to true, for each authorized resource path, the response will include the autorizable actions assigned directly or indirectly to the resource path.

UpsertSecretKey(string, SecretKey)

Creates a new or updates an existing SecretKey item.

public Task<string?> UpsertSecretKey(string instanceId, SecretKey secretKey)

Parameters

instanceId string

The FoundationaLLM instance identifier.

secretKey SecretKey

The SecretKey item containing the properties of the secret key being created or updated.

Returns

Task<string>

If the secret bey is being created, it returns the secret value of the key. Otherwise, returns null.

ValidateSecretKey(string, string, string)

Validates a secret key value.

public Task<SecretKeyValidationResult> ValidateSecretKey(string instanceId, string contextId, string secretKeyValue)

Parameters

instanceId string

The FoundationaLLM instance identifier.

contextId string

The identifier of the context containing the secret key to validate.

secretKeyValue string

The secret value of the key.

Returns

Task<SecretKeyValidationResult>

A SecretKeyValidationResult item with the results of the validation.

Remarks

Each valid secret key has an associated virtual identity that is returned in the VirtualIdentity property. It is the responsibility of the caller to use the virtual identity to authorize the request.

Edit this page