        /// <summary>
        /// Evaluates every authorization policy attached to the resource set referenced by
        /// <paramref name="validTicket"/> and reports whether the request is authorized.
        /// </summary>
        /// <remarks>
        /// All policies must pass: evaluation stops at the first policy whose result is not
        /// <c>Authorized</c>, and that result is returned unchanged.
        /// NOTE(review): a resource set with a null or empty policy list is reported as
        /// <c>Authorized</c> for any ticket (fail-open default). Confirm this is intended; a
        /// deny-by-default deployment needs a policy on every resource set or a check here.
        /// NOTE(review): <paramref name="clientId"/> is only checked for presence in this method;
        /// it is not passed to the policy evaluation, so no client binding is enforced here.
        /// </remarks>
        /// <param name="validTicket">Permission ticket; its <c>ResourceSetId</c> selects the resource set.</param>
        /// <param name="clientId">Identifier of the requesting client; must not be null, empty or whitespace.</param>
        /// <param name="claimTokenParameters">Claim tokens forwarded as-is to each policy evaluation.</param>
        /// <returns>
        /// An <c>Authorized</c> result when there are no policies or every policy passes; otherwise the
        /// result produced by the first failing policy.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="validTicket"/> is null, or <paramref name="clientId"/> is null, empty or whitespace.
        /// </exception>
        /// <exception cref="BaseUmaException">
        /// The repository returned no resource set for the ticket's <c>ResourceSetId</c>
        /// (raised with <c>ErrorCodes.InternalError</c>).
        /// </exception>
        public async Task<AuthorizationPolicyResult> IsAuthorized(Ticket validTicket, string clientId, List<ClaimTokenParameter> claimTokenParameters)
        {
            if (validTicket == null)
            {
                throw new ArgumentNullException(nameof(validTicket));
            }

            if (string.IsNullOrWhiteSpace(clientId))
            {
                throw new ArgumentNullException(nameof(clientId));
            }

            var resourceSet = await _resourceSetRepository.Get(validTicket.ResourceSetId);
            if (resourceSet == null)
            {
                // A ticket pointing at a missing resource set is surfaced as an internal error.
                throw new BaseUmaException(
                    ErrorCodes.InternalError,
                    string.Format(ErrorDescriptions.TheResourceSetDoesntExist, validTicket.ResourceSetId));
            }

            var policies = resourceSet.Policies;
            if (policies != null && policies.Any())
            {
                foreach (var policy in policies)
                {
                    var outcome = await _basicAuthorizationPolicy.Execute(validTicket, policy, claimTokenParameters);
                    if (outcome.Type == AuthorizationPolicyResultEnum.Authorized)
                    {
                        continue;
                    }

                    // First failing policy decides the outcome; record which policy it was.
                    _umaServerEventSource.AuthorizationPolicyFailed(policy.Id);
                    return outcome;
                }
            }

            // Reached when no policy is attached (fail-open) or when every policy passed.
            return new AuthorizationPolicyResult
            {
                Type = AuthorizationPolicyResultEnum.Authorized
            };
        }