Class OpaClient

Namespace

Styra.Opa

Assembly

Styra.Opa.dll

OpaClient provides high-level convenience APIs for interacting with an OPA server. It is generally recommended to use this class for most common OPA integrations.

public class OpaClient

Inheritance

object

OpaClient

Inherited Members

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

object.ReferenceEquals(object, object)

object.ToString()

Constructors

OpaClient(string?, ILogger<OpaClient>?, JsonSerializerSettings?)

Constructs an OpaClient, connecting to a specified server address if provided.

public OpaClient(string? serverUrl = null, ILogger<OpaClient>? logger = null, JsonSerializerSettings? jsonSerializerSettings = null)

Parameters

serverUrl string

The URL for connecting to the OPA server instance. (default: "http://localhost:8181")

logger ILogger<OpaClient>

The ILogger instance to use for this OpaClient. (default: NullLogger)

jsonSerializerSettings JsonSerializerSettings

The Newtonsoft.Json.JsonSerializerSettings to use as the default for serializing inputs for OPA. (default: none)

Methods

check(string, object?, JsonSerializerSettings?)

Simple allow/deny-style check against a rule, using the provided object, This will round-trip an object through Newtonsoft.JsonConvert, in order to generate the input object for the eventual OPA API call.

public Task<bool> check(string path, object? input, JsonSerializerSettings? jsonSerializerSettings = null)

Parameters

path string

The rule to evaluate. (Example: "app/rbac")

input object

The input C# object OPA will use for evaluating the rule.

jsonSerializerSettings JsonSerializerSettings

The Newtonsoft.Json.JsonSerializerSettings object to use for round-tripping the input through JSON serdes. (default: global serializer settings, if any)

Returns

Task<bool>

Result, as a boolean

evaluateBatch(string, Dictionary<string, Dictionary<string, object>>)

Evaluate a policy, using the provided map of query inputs. Results will be returned in an identically-structured pair of maps, one for successful evals, and one for errors. In the event that the OPA server does not support the /v1/batch/data endpoint, this method will fall back to performing sequential queries against the OPA server.

public Task<(OpaBatchResults, OpaBatchErrors)> evaluateBatch(string path, Dictionary<string, Dictionary<string, object>> inputs)

Parameters

path string

The rule to evaluate. (Example: "app/rbac")

inputs Dictionary<string, Dictionary<string, object>>

The input Dictionary OPA will use for evaluating the rule. The keys are arbitrary ID strings, the values are the input values intended for each query.

Returns

Task<(OpaBatchResults, OpaBatchErrors)>

A pair of mappings, between string keys, and SuccessfulPolicyResponses, or ServerErrors.

evaluateBatch<T>(string, Dictionary<string, Dictionary<string, object>>)

Evaluate a policy, using the provided map of query inputs. Results will be returned in an identically-structured pair of maps, one for successful evals, and one for errors. In the event that the OPA server does not support the /v1/batch/data endpoint, this method will fall back to performing sequential queries against the OPA server.

public Task<(OpaBatchResultGeneric<T>, OpaBatchErrors)> evaluateBatch<T>(string path, Dictionary<string, Dictionary<string, object>> inputs)

Parameters

path string

The rule to evaluate. (Example: "app/rbac")

inputs Dictionary<string, Dictionary<string, object>>

The input Dictionary OPA will use for evaluating the rule. The keys are arbitrary ID strings, the values are the input values intended for each query.

Returns

Task<(OpaBatchResultGeneric<T>, OpaBatchErrors)>

A pair of mappings, between string keys, and generic type T, or ServerErrors.

Type Parameters

T

evaluateDefault<T>(object?, JsonSerializerSettings?)

Evaluate the server's default policy, using the provided object, then coerce the result to type T. This will round-trip an object through Newtonsoft.JsonConvert, in order to generate the input object for the eventual OPA API call.

public Task<T> evaluateDefault<T>(object? input, JsonSerializerSettings? jsonSerializerSettings = null)

Parameters

input object

The input C# object OPA will use for evaluating the rule.

jsonSerializerSettings JsonSerializerSettings

The Newtonsoft.Json.JsonSerializerSettings object to use for round-tripping the input through JSON serdes. (default: global serializer settings, if any)

Returns

Task<T>

Result, as an instance of T

Type Parameters

T

evaluate<T>(string, object?, JsonSerializerSettings?)

Evaluate a policy, using the provided object, then coerce the result to type T. This will round-trip an object through Newtonsoft.JsonConvert, in order to generate the input object for the eventual OPA API call.

public Task<T> evaluate<T>(string path, object? input, JsonSerializerSettings? jsonSerializerSettings = null)

Parameters

path string

The rule to evaluate. (Example: "app/rbac")

input object

The input C# object OPA will use for evaluating the rule.

jsonSerializerSettings JsonSerializerSettings

The Newtonsoft.Json.JsonSerializerSettings object to use for round-tripping the input through JSON serdes. (default: global serializer settings, if any)

Returns

Task<T>

Result, as an instance of T

Type Parameters

T