Ejemplo n.º 1
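        // Negative authorization test: a principal whose only role claim is "SecondRole"
        // must not satisfy a SimplePermissionRequirement for "FirstPermission".
        public void HandleRequirementFailTest()
        {
            // Principal under test: a named identity carrying a single role claim.
            ClaimsPrincipal user = new ClaimsPrincipal(new ClaimsIdentity(new GenericIdentity("UnitTestUser"), new List<Claim> {
                new Claim(ClaimTypes.Role, "SecondRole")
            }));
            IAuthorizationRequirement requirement = new SimplePermissionRequirement("FirstPermission");

            // No resource is supplied (third argument is null).
            AuthorizationHandlerContext authorizationContext = new AuthorizationHandlerContext(new List<IAuthorizationRequirement> {
                requirement
            }, user, null);

            // The requirement object is also used as its own handler, hence the cast.
            AuthorizationHandler<SimplePermissionRequirement> authorizationHandler = (AuthorizationHandler<SimplePermissionRequirement>)requirement;

            // Wait for the handler to finish before asserting. If the returned task were
            // dropped and the handler completed asynchronously, HasSucceeded would still be
            // false at assertion time and this negative test would pass without proving
            // anything; a fault inside the handler would also go unobserved.
            authorizationHandler.HandleAsync(authorizationContext).GetAwaiter().GetResult();

            Assert.IsFalse(authorizationContext.HasSucceeded);
        }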
Ejemplo n.º 2
        // Collects every user returned by _db.Fetch<User>() for whom the authorization
        // service grants the SimplePermissionRequirement built for the given type.
        // Each user is turned into a ClaimsPrincipal via _factory and evaluated with no
        // resource (null). Users are checked one at a time, in fetch order.
        private async Task<List<User>> PermissionCheck(SimplePermissionType type)
        {
            var permitted = new List<User>();

            foreach (var candidate in _db.Fetch<User>())
            {
                var principal = await _factory.CreateAsync(candidate);
                var outcome = await _authorization.AuthorizeAsync(principal, null, SimplePermissionRequirement.For(type));

                // Fail closed: only an explicit success puts the user in the result.
                if (!outcome.Succeeded)
                {
                    continue;
                }

                permitted.Add(candidate);
            }

            return permitted;
        }
Ejemplo n.º 3
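        // Answers a Discourse single-sign-on request for the current user: opens the
        // incoming payload, builds a response payload describing the user (identity,
        // avatar URL, roles, admin/moderator flags) and redirects to the return URL with
        // the "sso" and "sig" query parameters set.
        public async Task<RedirectResult> SingleSignOn([FromQuery] string sso, [FromQuery] string sig)
        {
            // NOTE(review): both values arrive from the query string. Whether OpenPayload
            // rejects a payload whose signature does not verify is not visible here; the
            // trust placed in nonce and returnUrl below depends on it — confirm.
            var (nonce, returnUrl) = _discourseService.OpenPayload(sso, sig);

            // NOTE(review): user is dereferenced without a null check and no [Authorize]
            // attribute is visible on this action — confirm that anonymous requests cannot
            // reach this point.
            var user = await _userManager.GetUserAsync(User);

            // The template previously named a single property while four values were
            // passed, so the id, nonce and return URL had no placeholder to land in.
            // Every argument now has one, which keeps the SSO audit trail complete.
            _log.Information("Login request from {user} ({userId}), nonce {nonce}, return URL {returnUrl}", user.UserName, user.Id, nonce, returnUrl);

            // NOTE(review): Request.Host reflects the request's Host header, and this URL is
            // embedded in the signed payload — confirm host filtering is configured.
            var avatarUrl = Url.Action("Avatar", "Files", new { id = user.Id }, Request.Scheme, Request.Host.Value);

            // Names of the roles known to the role manager that the user does not hold.
            var rolesNotHeld = _roleManager.Roles.Where(r => !user.Roles.Contains(r.Name)).Select(r => r.Name).ToList();

            // The elevated flags come from the authorization service and are evaluated
            // against the request principal (User), with no resource.
            var isAdmin = (await _authorizationService.AuthorizeAsync(User, null,
                SimplePermissionRequirement.For(SimplePermissionType.DiscourseAdmin))).Succeeded;
            var isModerator = (await _authorizationService.AuthorizeAsync(User, null,
                SimplePermissionRequirement.For(SimplePermissionType.DiscourseModerator))).Succeeded;

            // The meaning of the final two flags (true, false) is defined by CreatePayload
            // and is not visible here.
            var (payload, signature) = _discourseService.CreatePayload(nonce, user.Email.Address, user.Id,
                                                                       user.UserName, user.Name,
                                                                       avatarUrl, user.Biography,
                                                                       user.Roles, rolesNotHeld,
                                                                       isAdmin, isModerator, true, false);

            // NOTE(review): the Referer header is chosen by the client. When the payload
            // carries no return URL, the signed payload (e-mail address, roles, admin and
            // moderator flags) is appended to that client-supplied address. Consider
            // accepting only the configured Discourse origin as a redirect target, and
            // failing the request when neither source yields a URL.
            if (returnUrl == null)
            {
                returnUrl = Request.Headers["Referer"];
            }

            var url = returnUrl.SetQueryParam("sso", payload).SetQueryParam("sig", signature);

            return Redirect(url);
        }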