Riptide Platform SDK

Overview

The Riptide Platform SDK is an enterprise-grade development framework for .NET 8.0 applications that provides a comprehensive suite of foundational services designed to accelerate development while ensuring consistency, reliability, and best practices across your entire application portfolio. It delivers production-ready implementations of cross-cutting concerns that every modern enterprise application requires.

Purpose

Traditional enterprise application development requires teams to repeatedly solve the same fundamental challenges: logging, configuration management, dependency injection, monitoring, multi-tenancy, and testing infrastructure. Riptide Platform SDK solves this by:

1. Standardizing Cross-Cutting Concerns: Consistent implementations across all applications
2. Accelerating Time-to-Market: Pre-built, tested infrastructure components
3. Enforcing Best Practices: Clean architecture patterns built into the framework
4. Reducing Technical Debt: Well-documented, maintainable code from day one
5. Enabling Enterprise Scale: Multi-tenant, observable, configurable by design
6. Simplifying Testing: Comprehensive testing utilities and patterns

Key Capabilities

Production-Ready Infrastructure

• Identity Management: Unified authentication with three deployment modes (self-contained, SSO, Identity Lite) and capability-based authorization
• Enterprise Logging: Structured logging with correlation tracking, pattern-based masking, and extensible provider support
• Configuration Management: Multi-source configuration with secrets management and value monitoring patterns
• Monitoring Abstraction: Metrics collection with DataDog and OpenTelemetry backend support
• Dependency Injection: Attribute-based service registration with automatic assembly scanning
• Tenant Context Patterns: Foundational abstractions for multi-tenant applications
• Testing Patterns: Base classes and examples for unit, integration, and architecture tests
• Cryptographic Licensing: RSA-4096 signature-based license protection with offline validation

Clean Architecture Foundation

• Layered Design: Clear separation between Domain, Application, Infrastructure, and Presentation
• SOLID Principles: Built-in patterns that enforce maintainable, testable code
• Domain-Driven Design: Value objects, entities, and aggregates with validation
• Command Query Separation: Clear patterns for reads vs. writes
• Repository Pattern: Abstracted data access with provider flexibility

Developer Experience

• Minimal Configuration: Convention-over-configuration with sensible defaults
• Fluent APIs: Intuitive, discoverable service configuration
• Rich Documentation: Comprehensive XML documentation and usage examples
• Type Safety: Strong typing throughout with compile-time validation
• IntelliSense Support: Full IDE integration for productivity

Core Components

1. Logging Component

Structured logging framework with Console, File, and DataDog provider support. Includes correlation tracking, pattern-based sensitive data masking, and ASP.NET Core middleware.

Key Features:

• Structured logging with JSON format
• Pattern-based PII masking (email, SSN, credit card formats)
• DataDog provider for sending logs to DataDog Logs API
• External provider framework for Elastic and custom endpoints
• Request/response logging middleware
• Health check integration

2. Configuration Component

Multi-source configuration with Local, Azure Key Vault, and Strongbox providers. Supports file watching and IOptionsMonitor patterns for value reloading.

Key Features:

• Multiple provider support with failover
• Secrets management with Key Vault and Strongbox
• File watching for configuration value changes
• IOptionsMonitor integration for reactive configuration
• Provider health checks

3. Monitoring Component

Metrics collection abstraction with DataDog and OpenTelemetry provider support. Push metrics to monitoring backends with tenant tagging.

Key Features:

• DataDog and OpenTelemetry providers
• In-memory provider for testing
• Tenant tagging for metrics
• Monitoring attributes ([TrackMetrics], [MonitorPerformance])
• Health check integration

4. Dependency Injection Component

Attribute-based service registration using [AutoRegister] with automatic assembly scanning and lifecycle management.

Key Features:

• [AutoRegister] attribute for declarative registration
• Assembly scanning and service discovery
• Multiple interface registration
• Keyed services and service replacement
• Tenant context middleware integration

5. Tenant Isolation Component

Foundational abstractions for multi-tenant applications including domain models, interfaces, and row-level isolation patterns.

Key Features:

• Tenant domain value objects and entities
• [RequiresTenant] attribute
• ASP.NET Core middleware foundation
• EF Core query filter patterns and examples
• Extensible tenant resolver interfaces

6. Testing Component

Base classes and patterns for testing clean architecture applications with examples for architecture tests, builders, and integration testing.

Key Features:

• Unit and integration test base classes
• Architecture test examples (NetArchTest patterns)
• Builder pattern documentation
• In-memory provider implementations
• Health check testing utilities
• Integration test helpers
• Mock data generation

7. Identity Management Component

Unified authentication framework supporting three deployment models: self-contained identity, SSO integration, and Riptide Identity Lite. Switch between modes with configuration changes—no code modifications required.

Key Features:

• Three identity modes: Self-Contained, Single Sign-On, and Identity Lite
• Self-contained mode with BCrypt password hashing and JWT tokens
• SSO integration with Azure Entra ID (extensible to Google, Okta, etc.)
• Identity Lite integration with capability-based authorization
• Multi-database support (SQLite, PostgreSQL, SQL Server)
• Configuration-based mode switching
• Declarative capability authorization with custom attributes
• Multi-tenancy support with trial management
• Session management with refresh tokens
• Account lockout and security features

Identity Modes:

Self-Contained: Complete embedded identity system with local user storage, perfect for standalone deployments, edge computing, and air-gapped environments. Ships with default admin user and provides full user management.

Single Sign-On (SSO): OAuth2/OIDC integration with enterprise identity providers. Plugin architecture supports Azure Entra ID out-of-the-box with extensibility for additional providers. Optional group-based access restrictions.

Identity Lite Integration: Centralized identity management for multi-application Riptide deployments with full role-based access control. Supports trial management, automatic tenant provisioning, and granular capability definitions for fine-grained permissions.

8. Licensing Component

Enterprise-grade RSA-4096 cryptographic licensing system for protecting your applications with offline license validation. Generate tamper-proof license tokens without requiring online activation or phone-home functionality.

Key Features:

• RSA-4096 digital signature-based licensing
• Offline license validation (no phone-home required)
• Tamper-proof license tokens with cryptographic verification
• Extensible license model for custom applications
• LicenseGenerator CLI tool for development and production licenses
• Comprehensive key management and security documentation
• InstallationId binding to prevent license sharing
• Support for perpetual and time-limited licenses

Integration Points

ASP.NET Core Integration

• Middleware for logging, monitoring, and tenant resolution
• Health check endpoints with detailed diagnostics
• Service registration extensions
• Configuration binding
• Request/response pipeline integration

API Integration

• RESTful service patterns
• OpenAPI/Swagger documentation
• Versioned API support
• CORS configuration
• Rate limiting and throttling

Database Integration

• Repository pattern implementations
• Entity Framework Core integration
• Multi-tenant data isolation
• Migration management
• Connection resilience

Cloud Platform Support

• Azure App Configuration integration
• Azure Key Vault for secrets
• Azure Application Insights monitoring
• Container orchestration (Kubernetes, Docker)
• CI/CD pipeline templates

Common Use Cases

Microservices Development

Build consistent microservices with standardized logging, monitoring, and configuration across your service mesh. Tenant context automatically propagates through service calls, and distributed tracing provides end-to-end visibility.

Multi-Tenant SaaS Applications

Develop SaaS applications with built-in tenant isolation, tenant-aware configuration, and per-tenant monitoring. Scale from single-tenant to enterprise multi-tenant deployments without code changes.

Enterprise Application Modernization

Migrate legacy applications to modern .NET with a proven framework that provides enterprise-grade infrastructure. Standardize across your application portfolio while maintaining consistency.

Rapid Prototyping and MVP Development

Accelerate time-to-market by focusing on business logic while the SDK handles infrastructure concerns. Production-ready from day one with built-in observability and configurability.

High-Compliance Environments

Support regulatory programs (SOC 2, HIPAA, GDPR) with audit logging hooks, data masking helpers, tenant isolation, and extensible monitoring. Each component provides building blocks you can tailor to your policies.

Technical Specifications

• Platform: .NET 8.0 with C# 12.0
• Architecture: Clean Architecture with Domain-Driven Design
• Testing: xUnit with FluentAssertions and Moq
• Documentation: Comprehensive XML documentation with full IntelliSense support
• Dependencies: Minimal external dependencies, extensible providers
• Packaging: NuGet packages for modular adoption
• Support: Enterprise support options available

Why Riptide Platform SDK

Business Value

• Faster Development: Pre-built infrastructure components eliminate months of foundational work
• Reduced Technical Debt: Clean architecture patterns prevent common pitfalls
• Lower Maintenance Costs: Well-tested, documented code requires less ongoing effort
• Faster Onboarding: New developers productive immediately with familiar patterns
• Risk Mitigation: Battle-tested components reduce production incidents

Technical Excellence

• Full IntelliSense Support: Complete XML documentation enables rich IDE integration
• Comprehensive Test Coverage: Unit, integration, and architecture tests
• Clean Architecture: SOLID principles throughout
• Performance Optimized: Efficient implementations with minimal overhead
• Extensibility: Provider pattern allows customization without forking

Enterprise Ready

• Multi-Tenant Native: Built for SaaS from the ground up
• Observable: Comprehensive logging and monitoring
• Secure: Built-in secrets management and data masking
• Scalable: Designed for high-throughput scenarios
• Compliance-Friendly: Audit trail and retention building blocks ready for extension

Support & Resources

• Active Development: Regular updates and improvements
• Comprehensive Documentation: API docs, guides, and examples
• Sample Applications: Real-world reference implementations
• Best Practices: Proven patterns and anti-pattern guidance
• Enterprise Support: Professional support options available

Getting Started

Quick Start

// Program.cs
var builder = WebApplication.CreateBuilder(args);

// Add Riptide Platform services
builder.Services
    .AddRiptideIdentity(builder.Configuration)
    .AddRiptideLogging(options => options.UseConsole().UseFile())
    .AddRiptideConfiguration(options => options.UseLocalDevelopment())
    .AddRiptideMonitoring(options => options.UseDataDog())
    .AddRiptideDependencyInjection()
    .AddRiptideTenantIsolation();

var app = builder.Build();

// Add Riptide middleware
app.UseAuthentication()
   .UseAuthorization()
   .UseRiptideLogging()
   .UseRiptideTenantResolution()
   .UseRiptideMonitoring();

app.Run();

Installation

For the simplest onboarding, install the unified SDK meta-package:

dotnet add package Riptide.Platform.SDK

If you prefer to adopt components one at a time, install the Bootstrap packages individually:

dotnet add package Riptide.Platform.Identity.Bootstrap
dotnet add package Riptide.Platform.Logging.Bootstrap
dotnet add package Riptide.Platform.Configuration.Bootstrap
dotnet add package Riptide.Platform.Monitoring.Bootstrap
dotnet add package Riptide.Platform.DependencyInjection.Bootstrap
dotnet add package Riptide.Platform.TenantIsolation.Bootstrap
dotnet add package Riptide.Platform.Testing.Bootstrap
dotnet add package Riptide.Platform.Licensing

Identity Management Setup

Configure your application's identity mode based on deployment requirements:

// Self-Contained Mode (appsettings.json)
{
  "Identity": {
    "Mode": "SelfContained",
    "SelfContained": {
      "DatabaseProvider": "SQLite",
      "ConnectionString": "Data Source=identity.db",
      "JwtSecretKey": "#{JWT_SECRET_KEY}#your-secret-key-min-32-chars",
      "CreateDefaultAdmin": true
    }
  }
}

// SSO Mode (appsettings.json)
{
  "Identity": {
    "Mode": "SingleSignOn",
    "Sso": {
      "Provider": "AzureEntraId",
      "ClientId": "#{SSO_CLIENT_ID}#your-client-id",
      "ClientSecret": "#{SSO_CLIENT_SECRET}#your-client-secret",
      "TenantId": "#{SSO_TENANT_ID}#your-tenant-id"
    }
  }
}

// Identity Lite Mode with Capabilities (appsettings.json)
{
  "Identity": {
    "Mode": "IdentityLite",
    "IdentityLite": {
      "ServerUrl": "https://identity.riptide.solutions",
      "ApplicationName": "myapp",
      "ApiKey": "#{IDENTITY_LITE_API_KEY}#your-api-key",
      "Capabilities": [
        {
          "Code": "myapp:read",
          "Name": "View Data",
          "Description": "Can view application data"
        },
        {
          "Code": "myapp:admin",
          "Name": "Administrator",
          "Description": "Full administrative access"
        }
      ]
    }
  }
}

Use declarative capability-based authorization in your controllers:

[ApiController]
[Route("api/data")]
public class DataController : ControllerBase
{
    [HttpGet]
    [RequireCapability("myapp:read")]
    public async Task<IActionResult> GetData()
    {
        // Capability checked automatically by attribute
        return Ok(data);
    }
    
    [HttpPost]
    [RequireCapability("myapp:create", "myapp:admin")]
    public async Task<IActionResult> CreateData([FromBody] DataDto data)
    {
        // User must have either capability
        return Ok(result);
    }
}

Licensing Your Application

Protect your application with the SDK's cryptographic licensing system:

// Add licensing to your application
builder.Services.AddRiptideLicensing(options => 
{
    options.Token = builder.Configuration["Riptide:Platform:License:Token"];
    options.InstallationId = builder.Configuration["Riptide:Platform:License:InstallationId"];
});

// For development, use the LicenseGenerator tool:
// cd tools/LicenseGenerator && dotnet run

See the Licensing Component Documentation for detailed information about the cryptographic licensing system, key management, and the LicenseGenerator tool.

Architecture Validation

The SDK includes built-in architecture tests to ensure your application maintains clean architecture principles:

• Layer dependency validation
• Naming convention enforcement
• Test coverage requirements
• Documentation completeness checks

Performance Characteristics

• Designed for Low Overhead: Middleware is tuned to stay lightweight—benchmark in your own environment before going live.
• Logging Pipeline: Asynchronous batching defaults help balance throughput and latency; adjust policies to fit your workload.
• Configuration & Metrics Caching: Reduces redundant lookups while remaining responsive to change notifications.
• Memory Awareness: Hot paths minimize allocations for typical web workloads; validate with your production load tests.
• Scale Guidance: Internal stress tests cover high-throughput scenarios, but plan full performance runs prior to production.

Compliance & Security

• Audit Trail Hooks: Structured logging and change tracking primitives to plug into your compliance workflows.
• Sensitive Data Guardrails: Masking utilities and encryption extension points to align with HIPAA or similar policies.
• Tenant Controls: Isolation patterns and deletion hooks that support GDPR-style data requests.
• Security Foundations: Secrets management helpers and least-privilege defaults that you can extend for your environment.
• Ongoing Updates: Regular dependency updates and vulnerability scanning guidance; review against your internal standards.

Roadmap

Current (v1.0)

• All eight core components production-ready
• Identity Management with three deployment modes
• ASP.NET Core integration complete
• Comprehensive documentation

Near-Term (v1.1)

• Additional SSO providers (Google, Okta)
• Additional monitoring providers (New Relic, Grafana)
• Enhanced testing utilities
• Performance optimizations
• Additional configuration providers

Future

• GraphQL integration
• gRPC support
• Distributed caching component
• Event sourcing utilities
• CQRS patterns

Support & Resources

• Documentation: docs/
• Sample Applications: samples/
• API Reference: docs/api/
• Enterprise Support: Contact for professional support options

---

Riptide Platform SDK - Building enterprise applications the right way, from day one.