Last active
March 3, 2020 18:24
-
-
Save kkadir/fbcea882d36d0c7e4e87d3d22e2702b4 to your computer and use it in GitHub Desktop.
The custom policy provider.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Linq; | |
| using System.Threading.Tasks; | |
| using Microsoft.AspNetCore.Authorization; | |
| using Microsoft.Extensions.Options; | |
| namespace CustomPolicyProvidersDemo.Authorization | |
| { | |
| public class PermissionsPolicyProvider : IAuthorizationPolicyProvider | |
| { | |
| public PermissionsPolicyProvider(IOptions<AuthorizationOptions> options) | |
| { | |
| FallbackPolicyProvider = new DefaultAuthorizationPolicyProvider(options); | |
| } | |
| public DefaultAuthorizationPolicyProvider FallbackPolicyProvider { get; } | |
| public Task<AuthorizationPolicy> GetDefaultPolicyAsync() | |
| { | |
| return Task.FromResult(new AuthorizationPolicyBuilder("Bearer").RequireAuthenticatedUser().Build()); | |
| } | |
| public Task<AuthorizationPolicy> GetFallbackPolicyAsync() => FallbackPolicyProvider.GetFallbackPolicyAsync(); | |
| public Task<AuthorizationPolicy> GetPolicyAsync(string policyName) | |
| { | |
| if (string.IsNullOrWhiteSpace(policyName)) | |
| { | |
| return FallbackPolicyProvider.GetPolicyAsync(policyName); | |
| } | |
| var policyTokens = policyName.Split(';', StringSplitOptions.RemoveEmptyEntries); | |
| if (policyTokens?.Any() != true) | |
| { | |
| return FallbackPolicyProvider.GetPolicyAsync(policyName); | |
| } | |
| var policy = new AuthorizationPolicyBuilder("Bearer"); | |
| var identifier = Guid.NewGuid(); | |
| foreach (var token in policyTokens) | |
| { | |
| var pair = token.Split('$', StringSplitOptions.RemoveEmptyEntries); | |
| if (pair?.Any() != true || pair.Length != 2) | |
| { | |
| return FallbackPolicyProvider.GetPolicyAsync(policyName); | |
| } | |
| IAuthorizationRequirement requirement = (pair[0]) switch | |
| { | |
| PermissionsAttribute.PermissionsGroup => new PermissionsRequirement(pair[1], identifier), | |
| PermissionsAttribute.RolesGroup => new RolesRequirement(pair[1], identifier), | |
| PermissionsAttribute.ScopesGroup => new ScopesRequirement(pair[1], identifier), | |
| _ => null, | |
| }; | |
| if (requirement == null) | |
| { | |
| return FallbackPolicyProvider.GetPolicyAsync(policyName); | |
| } | |
| policy.AddRequirements(requirement); | |
| } | |
| return Task.FromResult(policy.Build()); | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment