Using Policy Based API Key Authorization in ASP.NET Core
/// <summary>
/// Authorization requirement carrying the set of API keys that satisfy the policy it is attached to.
/// </summary>
public class ApiKeyRequirement : IAuthorizationRequirement
{
    /// <summary>
    /// The accepted API keys. Never null: a null constructor argument yields an empty list.
    /// </summary>
    public IReadOnlyList<string> ApiKeys { get; set; }

    /// <summary>
    /// Creates the requirement, snapshotting <paramref name="apiKeys"/> into a fresh list
    /// so later changes to the source sequence are not observed.
    /// </summary>
    /// <param name="apiKeys">Keys that satisfy the requirement; may be null.</param>
    public ApiKeyRequirement(IEnumerable<string> apiKeys)
    {
        var snapshot = new List<string>();
        if (apiKeys != null)
        {
            snapshot.AddRange(apiKeys);
        }
        ApiKeys = snapshot;
    }
}
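/// <summary>
/// Succeeds an <see cref="ApiKeyRequirement"/> when the request carries one of the
/// configured keys in the <c>X-API-KEY</c> header.
/// </summary>
public class ApiKeyRequirementHandler : AuthorizationHandler<ApiKeyRequirement>
{
    /// <summary>Name of the request header that carries the API key.</summary>
    public const string API_KEY_HEADER_NAME = "X-API-KEY";

    /// <inheritdoc />
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ApiKeyRequirement requirement)
    {
        SucceedRequirementIfApiKeyPresentAndValid(context, requirement);
        // A missing or wrong key is not signalled as an explicit failure here; the requirement
        // simply stays unmet, so the policy fails unless another handler satisfies it.
        return Task.CompletedTask;
    }

    /// <summary>
    /// Calls <see cref="AuthorizationHandlerContext.Succeed"/> when the header holds one of
    /// the keys in <paramref name="requirement"/>; otherwise leaves the context untouched.
    /// </summary>
    /// <param name="context">The authorization context whose resource is inspected.</param>
    /// <param name="requirement">The requirement listing the accepted keys.</param>
    private static void SucceedRequirementIfApiKeyPresentAndValid(AuthorizationHandlerContext context, ApiKeyRequirement requirement)
    {
        // NOTE(review): this only sees the request when the authorization resource is the MVC
        // filter context; under ASP.NET Core 3.0+ endpoint routing the resource is typically the
        // HttpContext itself, so confirm this branch is reached on the target framework.
        if (!(context.Resource is AuthorizationFilterContext authorizationFilterContext))
        {
            return;
        }

        var presentedKey = authorizationFilterContext.HttpContext.Request.Headers[API_KEY_HEADER_NAME].FirstOrDefault();
        // An absent or empty header never authorizes, even if an empty string were
        // (mis)configured as an accepted key.
        if (string.IsNullOrEmpty(presentedKey))
        {
            return;
        }

        // Check every configured key with a constant-time comparison so response timing does
        // not reveal how much of a guessed key matched.
        foreach (var configuredKey in requirement.ApiKeys)
        {
            if (configuredKey != null && KeysMatch(presentedKey, configuredKey))
            {
                context.Succeed(requirement);
                return;
            }
        }
    }

    // Constant-time equality over the UTF-8 bytes of both keys; differing lengths compare unequal.
    // Fully qualified so no extra using directive is needed.
    private static bool KeysMatch(string presentedKey, string configuredKey)
    {
        var presented = System.Text.Encoding.UTF8.GetBytes(presentedKey);
        var configured = System.Text.Encoding.UTF8.GetBytes(configuredKey);
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(presented, configured);
    }
}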
/// <summary>
/// Sample controller showing how an action is guarded by the "ApiKeyPolicy" policy.
/// </summary>
public class MyController : Controller
{
    /// <summary>
    /// Runs only when the "ApiKeyPolicy" policy is satisfied, i.e. when the policy's
    /// requirement handler has accepted the request's API key header.
    /// </summary>
    [Authorize(Policy = "ApiKeyPolicy")]
    public async Task<IActionResult> DoSensitiveOperation()
    {
        // This action can only be called if the request has a correct
        // api key attached
        // (the action body is intentionally omitted in this sample)
    }
}
/// <summary>
/// Registers the API key authorization handler and the "ApiKeyPolicy" policy that
/// requires one of the configured keys.
/// </summary>
/// <param name="services">The application's service collection.</param>
public void ConfigureServices(IServiceCollection services)
{
    // NOTE(review): "my-secret-key" is a sample value; real keys belong in configuration
    // or a secret store rather than in source.
    var apiKeyRequirement = new ApiKeyRequirement(new[] { "my-secret-key" });

    services.AddTransient<IAuthorizationHandler, ApiKeyRequirementHandler>();
    services.AddAuthorization(options =>
    {
        options.AddPolicy("ApiKeyPolicy", policy => policy.AddRequirements(apiKeyRequirement));
    });
}