public static async Task <bool> IsAuthorizedAsync(this Type type, Task <AuthenticationState>?authenticateState, IAuthorizationPolicyProvider?authorizePolicy, IAuthorizationService?authorizeService, object?resource = null) { var ret = true; var authorizeData = AttributeAuthorizeDataCache.GetAuthorizeDataForType(type); if (authorizeData != null) { EnsureNoAuthenticationSchemeSpecified(); if (authenticateState != null && authorizePolicy != null && authorizeService != null) { var currentAuthenticationState = await authenticateState; var user = currentAuthenticationState.User; var policy = await AuthorizationPolicy.CombineAsync(authorizePolicy, authorizeData); if (policy != null) { var result = await authorizeService.AuthorizeAsync(user, resource, policy); ret = result.Succeeded; } } } return(ret); void EnsureNoAuthenticationSchemeSpecified() { // It's not meaningful to specify a nonempty scheme, since by the time Components // authorization runs, we already have a specific ClaimsPrincipal (we're stateful). // To avoid any confusion, ensure the developer isn't trying to specify a scheme. for (var i = 0; i < authorizeData.Length; i++) { var entry = authorizeData[i]; if (!string.IsNullOrEmpty(entry.AuthenticationSchemes)) { throw new NotSupportedException($"The authorization data specifies an authentication scheme with value '{entry.AuthenticationSchemes}'. Authentication schemes cannot be specified for components."); } } } }
private RenderFragment WrapInAuthorizeViewCore(RenderFragment pageFragment) { var authorizeData = AttributeAuthorizeDataCache.GetAuthorizeDataForType(Page); if (authorizeData == null) { // No authorization, so no need to wrap the fragment return(pageFragment); } // Some authorization data exists, so we do need to wrap the fragment RenderFragment <AuthenticationState> authorizedContent = context => pageFragment; return(builder => { builder.OpenComponent <AuthorizeViewWithSuppliedData>(0); builder.AddAttribute(1, nameof(AuthorizeViewWithSuppliedData.AuthorizeDataParam), authorizeData); builder.AddAttribute(2, nameof(AuthorizeViewWithSuppliedData.Authorized), authorizedContent); builder.AddAttribute(3, nameof(AuthorizeViewWithSuppliedData.NotAuthorized), NotAuthorizedContent ?? DefaultNotAuthorizedContent); builder.AddAttribute(4, nameof(AuthorizeViewWithSuppliedData.Authorizing), AuthorizingContent); builder.CloseComponent(); }); }
protected override IAuthorizeData[]? GetAuthorizeData() => AttributeAuthorizeDataCache.GetAuthorizeDataForType(RouteData.PageType);