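/// <summary>
/// Succeeds <see cref="Over18Requirement"/> when the user's date-of-birth claim
/// shows an age of at least 18 as of today; fails in every other case.
/// </summary>
/// <param name="context">Authorization context carrying the user being evaluated.</param>
/// <param name="requirement">The requirement to mark as satisfied.</param>
protected override void Handle(AuthorizationContext context, Over18Requirement requirement)
        {
            // One lookup instead of HasClaim + FindFirst: the same claim is both tested and read.
            var dateOfBirthClaim = context.User.FindFirst(c => c.Type == ClaimTypes.DateOfBirth);

            if (dateOfBirthClaim == null)
            {
                context.Fail();
                return;
            }

            // NOTE(review): the claim's Issuer is not examined here; whether any issuer
            // may assert a date of birth depends on how identities are built - confirm.

            // A malformed claim value is an authorization failure, not an unhandled
            // FormatException. TryParse uses the current culture, as Convert.ToDateTime(string)
            // did, so ambiguous day/month values depend on the server culture
            // (TODO confirm the issuer writes a culture-neutral format).
            DateTime dateOfBirth;
            if (!DateTime.TryParse(dateOfBirthClaim.Value, out dateOfBirth))
            {
                context.Fail();
                return;
            }

            // Compare calendar dates only: a time-of-day component in the claim would
            // otherwise make the user look one year younger on their birthday.
            var birthDate = dateOfBirth.Date;
            var today = DateTime.Today;

            int age = today.Year - birthDate.Year;

            // The birthday has not yet occurred this year.
            if (birthDate > today.AddYears(-age))
            {
                age--;
            }

            if (age >= 18)
            {
                context.Succeed(requirement);
            }
            else
            {
                context.Fail();
            }
        }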
    /// <summary>
    /// Evaluates <see cref="MyAuthRequirement"/> against the identity produced by the
    /// "MyAuth" authentication type. Fails when that identity, its authentication
    /// claim, or a Uri claim is missing; otherwise the enforcement test decides.
    /// </summary>
    /// <param name="context">Authorization context carrying the user being evaluated.</param>
    /// <param name="requirement">The requirement to mark as satisfied.</param>
    public override void Handle(AuthorizationContext context, MyAuthRequirement requirement)
    {
        // Locate the identity that came from the MyAuth authentication type.
        var myAuthIdentity = context.User.Identities.FirstOrDefault(identity => identity.AuthenticationType == "MyAuth");

        if (myAuthIdentity == null)
        {
            context.Fail();
            return;
        }

        // The authentication claim is read from the MyAuth identity only.
        var authHeaderClaim = myAuthIdentity.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.Authentication);

        // NOTE(review): the Uri claim is read from context.User.Claims, i.e. from every
        // identity on the principal, not just the MyAuth one. If another identity can
        // carry a Uri claim, the two values may come from different sources - confirm
        // this is intended.
        var uriClaim = context.User.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.Uri);

        if (authHeaderClaim == null || uriClaim == null)
        {
            context.Fail();
            return;
        }

        // Enforce the requirement using the values taken from the identity/claims.
        if (/* passes our enforcement test */)
        {
            context.Succeed(requirement);
            return;
        }

        context.Fail();
    }
Ejemplo n.º 3
 /// <summary>
 /// Vetoes the requested document operation when the current user's identity name
 /// is exactly "davidfowler". This handler only ever calls Fail; it never calls
 /// Succeed, so it grants nothing on its own.
 /// </summary>
 /// <param name="context">Authorization context carrying the user being evaluated.</param>
 /// <param name="requirement">The operation being authorized (not inspected here).</param>
 /// <param name="resource">The document being accessed (not inspected here).</param>
 protected override void Handle(AuthorizationContext context, OperationAuthorizationRequirement requirement, Document resource)
 {
     // String == is an exact, case-sensitive match on the name.
     var isBlockedUser = context.User.Identity.Name == "davidfowler";

     if (!isBlockedUser)
     {
         return;
     }

     context.Fail();
 }
Ejemplo n.º 4
 /// <summary>
 /// Succeeds <see cref="UserRequirement"/> when the user carries a claim of type
 /// "UserId"; fails otherwise.
 /// </summary>
 /// <param name="context">Authorization context carrying the user being evaluated.</param>
 /// <param name="requirement">The requirement to mark as satisfied.</param>
 protected override void Handle(AuthorizationContext context, UserRequirement requirement)
 {
     // Only the presence of the claim type is tested; its value and issuer are not examined.
     var hasUserId = context.User.HasClaim(claim => claim.Type == "UserId");

     if (hasUserId)
     {
         context.Succeed(requirement);
     }
     else
     {
         context.Fail();
     }
 }
Ejemplo n.º 5
        /// <summary>
        /// Succeeds <see cref="OnlyRoleRequirement"/> when the user is in the role held in
        /// <c>_roleName</c>; fails otherwise.
        /// </summary>
        /// <param name="context">Authorization context carrying the user being evaluated.</param>
        /// <param name="requirement">The requirement to mark as satisfied.</param>
        protected override void Handle(AuthorizationContext context, OnlyRoleRequirement requirement)
        {
            // Deny first: anything that is not a positive role match is a failure.
            if (!context.User.IsInRole(_roleName))
            {
                context.Fail();
                return;
            }

            context.Succeed(requirement);
        }
Ejemplo n.º 6
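        /// <summary>
        /// Succeeds <see cref="TrustedWebClientRequirement"/> when the requirement's own
        /// <c>Validate</c> check accepts the current HTTP context and configuration;
        /// fails otherwise, including when the resource is not an MVC filter context.
        /// </summary>
        /// <param name="context">Authorization context; its Resource is expected to be the MVC filter context.</param>
        /// <param name="requirement">The requirement that performs the validation.</param>
        protected override void Handle(AuthorizationContext context, TrustedWebClientRequirement requirement)
        {
            var resourceContext = context.Resource as Microsoft.AspNet.Mvc.Filters.AuthorizationContext;

            // The 'as' cast yields null when the handler is invoked with a different
            // resource type. Fail closed instead of dereferencing null: without an
            // HttpContext there is nothing to validate the client against.
            if (resourceContext == null)
            {
                context.Fail();
                return;
            }

            if (requirement.Validate(resourceContext.HttpContext, _config))
            {
                context.Succeed(requirement);
            }
            else
            {
                context.Fail();
            }
        }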
Ejemplo n.º 7
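        /// <summary>
        /// Succeeds <see cref="ScopeRequierment"/> when the user's "Scope" claim contains
        /// every entry of <c>_requiredScopes</c>; fails when the claim is missing or any
        /// required scope is absent.
        /// </summary>
        /// <param name="context">Authorization context carrying the user being evaluated.</param>
        /// <param name="requirement">The requirement to mark as satisfied.</param>
        protected override void Handle(AuthorizationContext context, ScopeRequierment requirement)
        {
            var tokenScope = context.User.FindFirst("Scope");

            // A principal without a "Scope" claim has no scopes at all: deny rather
            // than dereference null.
            if (tokenScope == null)
            {
                context.Fail();
                return;
            }

            // The claim value is treated as a space-delimited list of scope names.
            string[] tokenScopes = tokenScope.Value.Split(' ');

            foreach (var requiredScope in _requiredScopes)
            {
                // Exact, case-sensitive match: a scope that differs only in casing is not accepted.
                if (!tokenScopes.Contains(requiredScope))
                {
                    context.Fail();
                    return;
                }
            }

            context.Succeed(requirement);
        }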
        /// <summary>
        /// Vetoes the <c>Constants.ContainsOne</c> operation on a contact whose address
        /// does not contain the character "1". The handler does nothing when no resource
        /// is supplied or when a different operation is being authorized, and it never
        /// calls Succeed.
        /// </summary>
        /// <param name="context">Authorization context used to report the failure.</param>
        /// <param name="requirement">The operation being authorized; matched by name.</param>
        /// <param name="resource">The contact being accessed; may be null.</param>
        protected override void Handle(AuthorizationContext context,
                                       OperationAuthorizationRequirement requirement, Contact resource)
        {
            // This handler applies only when a resource is present and the requested
            // operation is the one it knows about (ordinal name comparison).
            bool applies = resource != null
                && string.CompareOrdinal(requirement.Name, Constants.ContainsOne) == 0;

            if (!applies)
            {
                return;
            }

            if (resource.Address.Contains("1"))
            {
                return;
            }

            context.Fail();
        }
Ejemplo n.º 9
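        /// <summary>
        /// Succeeds <see cref="TokenAuthRequirement"/> when the request path is exempt
        /// according to <c>SecurityHelper.SkipRequired</c> or when
        /// <c>IsAuthorizedForRequestedAction</c> accepts the request; otherwise sets the
        /// response status to 401 and fails. Fails when the resource is not an
        /// <c>ActionContext</c>.
        /// </summary>
        /// <param name="context">Authorization context; its Resource is expected to be an ActionContext.</param>
        /// <param name="requirement">The requirement to mark as satisfied.</param>
        protected override void Handle(AuthorizationContext context, TokenAuthRequirement requirement)
        {
            var actionContext = context.Resource as ActionContext;

            // The 'as' cast yields null for any other resource type. Fail closed
            // instead of dereferencing null: there is no request to evaluate.
            if (actionContext == null)
            {
                context.Fail();
                return;
            }

            var httpContext = actionContext.HttpContext;
            var request     = httpContext.Request;

            // NOTE(review): this branch grants access purely on the request path. How
            // SkipRequired compares paths (casing, trailing slashes, encoded segments)
            // is not visible here - verify it matches the way routing resolves them.
            if (SecurityHelper.SkipRequired(request.Path))
            {
                context.Succeed(requirement);
                return;
            }

            if (IsAuthorizedForRequestedAction(context, requirement))
            {
                context.Succeed(requirement);
            }
            else
            {
                httpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                context.Fail();
            }
        }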
Ejemplo n.º 10
        /// <summary>
        /// Succeeds <see cref="UsuarioTemClaim"/> when the user holds a claim whose type
        /// equals any entry of <c>_claims</c>; fails when none matches.
        /// </summary>
        /// <param name="context">Authorization context carrying the user being evaluated.</param>
        /// <param name="requirement">The requirement to mark as satisfied.</param>
        protected override void Handle(AuthorizationContext context, UsuarioTemClaim requirement)
        {
            // Only the claim type is compared; claim value and issuer are not examined.
            foreach (var acceptedType in _claims)
            {
                if (context.User.HasClaim(claim => claim.Type == acceptedType))
                {
                    // The first match is enough; stop scanning.
                    context.Succeed(requirement);
                    return;
                }
            }

            // No accepted claim type was found on the user.
            context.Fail();
        }
Ejemplo n.º 11
        /// <summary>
        /// Authorizes a document operation from claims issued by "urn:idunno.org".
        /// A "Superuser" claim with value "True" succeeds immediately. Otherwise the
        /// "Documents" claim is required: the handler fails when it is missing and
        /// succeeds when its mapped operations contain the requested one. When the
        /// claim exists but does not include the operation, the handler neither
        /// succeeds nor fails.
        /// </summary>
        /// <param name="context">Authorization context carrying the user being evaluated.</param>
        /// <param name="requirement">The operation being authorized.</param>
        /// <param name="resource">The document being accessed (not inspected here).</param>
        protected override void Handle(AuthorizationContext context, OperationAuthorizationRequirement requirement, Document resource)
        {
            // Type, issuer and value must all match, so a same-named claim from
            // another issuer does not grant superuser access.
            var superuserClaim = context.User.FindFirst(claim =>
                claim.Type == "Superuser" && claim.Issuer == "urn:idunno.org" && claim.Value == "True");

            if (superuserClaim != null)
            {
                context.Succeed(requirement);
                return;
            }

            // The per-document permission claim is likewise bound to the issuer.
            var permissionsClaim = context.User.FindFirst(claim =>
                claim.Type == "Documents" && claim.Issuer == "urn:idunno.org");

            if (permissionsClaim == null)
            {
                context.Fail();
                return;
            }

            var allowedOperations = MapClaimsToOperations(permissionsClaim.Value);

            // No explicit Fail here: an operation that is not listed is simply left unsatisfied.
            if (!allowedOperations.Contains(requirement))
            {
                return;
            }

            context.Succeed(requirement);
        }