Interface IAuthorizationServiceClient

Namespace

FoundationaLLM.Common.Interfaces

Assembly

FoundationaLLM.Common.dll

Defines methods exposed by the Authorization service.

public interface IAuthorizationServiceClient

Extension Methods

ObjectExtensions.GetPropertyValues(object, List<string>)

Methods

CreateRoleAssignment(string, RoleAssignmentRequest, UnifiedUserIdentity)

Creates a new role assignment.

Task<RoleAssignmentOperationResult> CreateRoleAssignment(string instanceId, RoleAssignmentRequest roleAssignmentRequest, UnifiedUserIdentity userIdentity)

Parameters

instanceId string

The FoundationaLLM instance identifier.

roleAssignmentRequest RoleAssignmentRequest

The RoleAssignmentRequest containing the details of the role assignment to be created.

userIdentity UnifiedUserIdentity

The user identity.

Returns

Task<RoleAssignmentOperationResult>

A RoleAssignmentOperationResult containing information about the result of the operation.

DeleteRoleAssignment(string, string, UnifiedUserIdentity)

Deletes a role assignment.

Task<RoleAssignmentOperationResult> DeleteRoleAssignment(string instanceId, string roleAssignment, UnifiedUserIdentity userIdentity)

Parameters

instanceId string

The FoundationaLLM instance identifier.

roleAssignment string

The role assignment object identifier.

userIdentity UnifiedUserIdentity

The user identity.

Returns

Task<RoleAssignmentOperationResult>

A RoleAssignmentOperationResult containing information about the result of the operation.

DeleteSecretKey(string, string, string)

Deletes a specified secret key.

Task DeleteSecretKey(string instanceId, string contextId, string secretKeyId)

Parameters

instanceId string

The FoundationaLLM instance identifier.

contextId string

The identifier of the context containing the secret key to delete.

secretKeyId string

The unique identifier of the secret key being deleted.

Returns

Task

GetRoleAssignments(string, RoleAssignmentQueryParameters, UnifiedUserIdentity)

Returns a list of role assignments.

Task<List<RoleAssignment>> GetRoleAssignments(string instanceId, RoleAssignmentQueryParameters queryParameters, UnifiedUserIdentity userIdentity)

Parameters

instanceId string

The FoundationaLLM instance identifier.

queryParameters RoleAssignmentQueryParameters

The RoleAssignmentQueryParameters providing the inputs for filtering the role assignments.

userIdentity UnifiedUserIdentity

The user identity.

Returns

Task<List<RoleAssignment>>

The list of all role assignments for the specified instance.

GetSecretKeys(string, string)

Gets a list of SecretKey items that are associated with the specified instance and context.

Task<List<SecretKey>> GetSecretKeys(string instanceId, string contextId)

Parameters

instanceId string

The FoundationaLLM instance identifier.

contextId string

The identifier of the context for which the secret keys are retrieved.

Returns

Task<List<SecretKey>>

A list of SecretKey items.

Remarks

Each consumer of secret keys should have a unique context identifier. For example, FoundationaLLM resource providers could use the resource object identifier as the context identifier.

ProcessAuthorizationRequest(string, string, List<string>, bool, bool, bool, UnifiedUserIdentity)

Processes an action authorization request.

Task<ActionAuthorizationResult> ProcessAuthorizationRequest(string instanceId, string action, List<string> resourcePaths, bool expandResourceTypePaths, bool includeRoles, bool includeActions, UnifiedUserIdentity userIdentity)

Parameters

instanceId string

The FoundationaLLM instance id.

action string

The action identifier.

resourcePaths List<string>

The resource paths.

expandResourceTypePaths bool

A value indicating whether to expand resource type paths that are not authorized.

includeRoles bool

A value indicating whether to include roles in the response.

includeActions bool

A value indicating whether to include authorizable actions in the response.

userIdentity UnifiedUserIdentity

The user identity.

Returns

Task<ActionAuthorizationResult>

An ActionAuthorizationResult containing the result of the processing.

Remarks

If the action specified by action is not authorized for a resource type path, and expandResourceTypePaths is set to true, the response will include any authorized resource paths matching the resource type path.

If includeRoles is set to true, for each authrorized resource path, the response will include the roles assigned directly or indirectly to the resource path.

If action is set to true, for each authorized resource path, the response will include the autorizable actions assigned directly or indirectly to the resource path.

UpsertSecretKey(string, SecretKey)

Creates a new or updates an existing SecretKey item.

Task<string?> UpsertSecretKey(string instanceId, SecretKey secretKey)

Parameters

instanceId string

The FoundationaLLM instance identifier.

secretKey SecretKey

The SecretKey item containing the properties of the secret key being created or updated.

Returns

Task<string>

If the secret bey is being created, it returns the secret value of the key. Otherwise, returns null.

ValidateSecretKey(string, string, string)

Validates a secret key value.

Task<SecretKeyValidationResult> ValidateSecretKey(string instanceId, string contextId, string secretKeyValue)

Parameters

instanceId string

The FoundationaLLM instance identifier.

contextId string

The identifier of the context containing the secret key to validate.

secretKeyValue string

The secret value of the key.

Returns

Task<SecretKeyValidationResult>

A SecretKeyValidationResult item with the results of the validation.

Remarks

Each valid secret key has an associated virtual identity that is returned in the VirtualIdentity property. It is the responsibility of the caller to use the virtual identity to authorize the request.