Ejemplo n.º 1
0
    public static async Task <bool> IsAuthorizedAsync(this Type type, Task <AuthenticationState>?authenticateState, IAuthorizationPolicyProvider?authorizePolicy, IAuthorizationService?authorizeService, object?resource = null)
    {
        var ret           = true;
        var authorizeData = AttributeAuthorizeDataCache.GetAuthorizeDataForType(type);

        if (authorizeData != null)
        {
            EnsureNoAuthenticationSchemeSpecified();

            if (authenticateState != null && authorizePolicy != null && authorizeService != null)
            {
                var currentAuthenticationState = await authenticateState;
                var user   = currentAuthenticationState.User;
                var policy = await AuthorizationPolicy.CombineAsync(authorizePolicy, authorizeData);

                if (policy != null)
                {
                    var result = await authorizeService.AuthorizeAsync(user, resource, policy);

                    ret = result.Succeeded;
                }
            }
        }
        return(ret);

        void EnsureNoAuthenticationSchemeSpecified()
        {
            // It's not meaningful to specify a nonempty scheme, since by the time Components
            // authorization runs, we already have a specific ClaimsPrincipal (we're stateful).
            // To avoid any confusion, ensure the developer isn't trying to specify a scheme.
            for (var i = 0; i < authorizeData.Length; i++)
            {
                var entry = authorizeData[i];
                if (!string.IsNullOrEmpty(entry.AuthenticationSchemes))
                {
                    throw new NotSupportedException($"The authorization data specifies an authentication scheme with value '{entry.AuthenticationSchemes}'. Authentication schemes cannot be specified for components.");
                }
            }
        }
    }
Ejemplo n.º 2
0
        private RenderFragment WrapInAuthorizeViewCore(RenderFragment pageFragment)
        {
            var authorizeData = AttributeAuthorizeDataCache.GetAuthorizeDataForType(Page);

            if (authorizeData == null)
            {
                // No authorization, so no need to wrap the fragment
                return(pageFragment);
            }

            // Some authorization data exists, so we do need to wrap the fragment
            RenderFragment <AuthenticationState> authorizedContent = context => pageFragment;

            return(builder =>
            {
                builder.OpenComponent <AuthorizeViewWithSuppliedData>(0);
                builder.AddAttribute(1, nameof(AuthorizeViewWithSuppliedData.AuthorizeDataParam), authorizeData);
                builder.AddAttribute(2, nameof(AuthorizeViewWithSuppliedData.Authorized), authorizedContent);
                builder.AddAttribute(3, nameof(AuthorizeViewWithSuppliedData.NotAuthorized), NotAuthorizedContent ?? DefaultNotAuthorizedContent);
                builder.AddAttribute(4, nameof(AuthorizeViewWithSuppliedData.Authorizing), AuthorizingContent);
                builder.CloseComponent();
            });
        }
Ejemplo n.º 3
0
 protected override IAuthorizeData[]? GetAuthorizeData()
 => AttributeAuthorizeDataCache.GetAuthorizeDataForType(RouteData.PageType);