public static bool IsAuthorized(string callerClass, AuthorizationAction action)
{
var q = Privileges.Where(r => r.FormName == callerClass);
switch (action)
{
case AuthorizationAction.Access:
return(q.Any(r => r.AllowAccess));
case AuthorizationAction.View:
return(q.Any(r => r.AllowView));
case AuthorizationAction.ViewAll:
return(q.Any(r => r.AllowViewAll));
case AuthorizationAction.Create:
return(q.Any(r => r.AllowCreate));
case AuthorizationAction.Edit:
return(q.Any(r => r.AllowEdit));
case AuthorizationAction.Delete:
return(q.Any(r => r.AllowDelete));
case AuthorizationAction.Print:
return(q.Any(r => r.AllowPrint));
}
return(false);
}
async Task <HttpResponseMessage> Process(string parameters)
{
// Call Authlete's /api/auth/authorization API.
AuthorizationResponse response =
await CallAuthorizationApi(parameters);
// 'action' in the response denotes the next action
// which this authorization endpoint implementation
// should take.
AuthorizationAction action = response.Action;
// Dispatch according to the action.
switch (action)
{
case AuthorizationAction.INTERACTION:
// Process the authorization request with
// user interaction.
return(await HandleInteraction(response));
case AuthorizationAction.NO_INTERACTION:
// Process the authorization request without
// user interaction. The flow reaches here
// only when the authorization request contains
// 'prompt=none'.
return(await HandleNoInteraction(response));
default:
// Handle other error cases here.
return(HandleError(response));
}
}
/// <summary>
/// 为特定的权限路径进行授权
/// </summary>
/// <param name="authorizationUri">权限路径</param>
/// <param name="action">授权动作<see cref="AuthorizationAction"/></param>
public void Authorization(string authorizationUri, AuthorizationAction action)
{
if (!actions.Contains(new AuthorizationActionInfo(authorizationUri, action)))
{
actions.Add(new AuthorizationActionInfo(authorizationUri, action));
}
}
public static bool IsAuthorized(Type callerClass, AuthorizationAction action)
{
return(IsAuthorized(callerClass.Name, action));
}
public AuthorizationActionInfo(string authorizationUri, AuthorizationAction action)
{
AuthorizationUri = authorizationUri;
Action = action;
}
/// <summary>
/// 为特定的权限路径进行授权
/// </summary>
/// <param name="authorizationUri">权限路径</param>
/// <param name="action">授权动作<see cref="AuthorizationAction"/></param>
public void Authorization(string authorizationUri, AuthorizationAction action)
{
if(!actions.Contains(new AuthorizationActionInfo(authorizationUri, action)))
actions.Add(new AuthorizationActionInfo(authorizationUri, action));
}
public AuthorizationAttribute(ClaimScope claimScope, AuthorizationAction action, AuthorizationEntity entity)
{
ClaimScope = claimScope;
Name = AuthorizationName.Generate(action, entity);
}
public static string Generate(AuthorizationAction action, AuthorizationEntity entity)
{
return($"{action}-{entity}");
}
public AuthorizationActionInfo(string authorizationUri, AuthorizationAction action)
{
AuthorizationUri = authorizationUri;
Action = action;
}
