Example #1
0
 public AuthorizeMiddleware(FieldDelegate next, IAuthorizationHandler authorizationHandler)
 {
     _next = next ??
             throw new ArgumentNullException(nameof(next));
     _authorizationHandler = authorizationHandler ??
                             throw new ArgumentNullException(nameof(authorizationHandler));
 }
 public TestAuthorizationHandler(
     IAuthorizationHandler handler,
     IHook <AuthorizationHandlerContext> authContextHook)
 {
     _handler         = handler;
     _authContextHook = authContextHook;
 }
Example #3
0
        /// <summary>
        /// Initializes a new instance of the <see cref="AuthorizationContext"/> class.
        /// </summary>
        /// <param name="kernel">The kernel.</param>
        /// <param name="authorizationStore">The <see cref="IAuthorizationStore"/>.</param>
        /// <param name="authorizationHandler">The <see cref="IAuthorizationHandler"/>.</param>
        /// <param name="authorizationContextConfiguration">The <see cref="IAuthorizationContextConfiguration"/>.</param>
        /// <exception cref="ArgumentNullException">The value of '<paramref name="kernel"/>', '<paramref name="authorizationHandler"/>', '<paramref name="authorizationStore"/>' and '<paramref name="authorizationContextConfiguration"/>' cannot be null. </exception>
        public AuthorizationContext([NotNull] IKernel kernel, [NotNull] IAuthorizationStore authorizationStore, [NotNull] IAuthorizationHandler authorizationHandler, [NotNull] IAuthorizationContextConfiguration authorizationContextConfiguration)
        {
            if (kernel == null)
            {
                throw new ArgumentNullException(nameof(kernel));
            }

            if (authorizationStore == null)
            {
                throw new ArgumentNullException(nameof(authorizationStore));
            }

            if (authorizationHandler == null)
            {
                throw new ArgumentNullException(nameof(authorizationHandler));
            }

            if (authorizationContextConfiguration == null)
            {
                throw new ArgumentNullException(nameof(authorizationContextConfiguration));
            }

            this.Kernel               = kernel;
            this.authorizationStore   = authorizationStore;
            this.authorizationHandler = authorizationHandler;
            this.AuthorizationContextConfiguration = authorizationContextConfiguration;
            this.AuthorizationContextState         = new UnauthorizedAuthorizationContextState(authorizationStore, authorizationHandler);
        }
 /// <summary>
 /// Creates an authorization policy which can build and set a claims principal.
 /// </summary>
 /// <param name="authorizationHandler">Functionality which can handle authorization.</param>
 public ClaimsPrincipalBuilderAuthorizationPolicy(IAuthorizationHandler authorizationHandler)
 {
     if (authorizationHandler == null)
     {
         throw new ArgumentNullException("authorizationHandler");
     }
     _authorizationHandler = authorizationHandler;
 }
 /// <summary>
 /// Creates functionality which checks authorization access for a secure token on each service operation.
 /// </summary>
 /// <param name="authorizationHandler">Functionality which can handle authorization.</param>
 public SecureTokenAuthorizer(IAuthorizationHandler authorizationHandler)
 {
     if (authorizationHandler == null)
     {
         throw new ArgumentNullException("authorizationHandler");
     }
     _authorizationHandler = authorizationHandler;
 }
Example #6
0
        public void CheckPerformActivity(String authenticatedActorId, Int64 flowId, IDictionary attributeValues, String transitionName, DbSession dbSession)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromFlowId(flowId, dbSession);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckPerformActivity(authenticatedActorId, flowId, attributeValues, transitionName);
            }
        }
Example #7
0
        public void CheckPerformActivity(Guid authenticatedActorId, Guid flowId, IDictionary <string, object> attributeValues, string transitionName)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromFlowId(flowId);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckPerformActivity(authenticatedActorId, flowId, attributeValues, transitionName);
            }
        }
Example #8
0
        public void CheckDelegateActivity(String authenticatedActorId, Int64 flowId, String delegateActorId, DbSession dbSession)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromFlowId(flowId, dbSession);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckDelegateActivity(authenticatedActorId, flowId, delegateActorId);
            }
        }
Example #9
0
        public void CheckGetStartForm(Guid authenticatedActorId, Guid processDefinitionId)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromProcessDefinitionId(processDefinitionId);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckGetStartForm(authenticatedActorId, processDefinitionId);
            }
        }
Example #10
0
        public void CheckGetActivityForm(Guid authenticatedActorId, Guid flowId)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromFlowId(flowId);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckGetActivityForm(authenticatedActorId, flowId);
            }
        }
Example #11
0
        public void CheckCancelProcessInstance(Guid authenticatedActorId, Guid processInstanceId)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromProcessInstanceId(processInstanceId);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckCancelProcessInstance(authenticatedActorId, processInstanceId);
            }
        }
Example #12
0
        public void CheckStartProcessInstance(Guid authenticatedActorId, Guid processDefinitionId, IDictionary <string, object> attributeValues, string transitionName)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromProcessDefinitionId(processDefinitionId);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckStartProcessInstance(authenticatedActorId, processDefinitionId, attributeValues, transitionName);
            }
        }
Example #13
0
        public void CheckCancelProcessInstance(String authenticatedActorId, Int64 processInstanceId, DbSession dbSession)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromProcessInstanceId(processInstanceId, dbSession);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckCancelProcessInstance(authenticatedActorId, processInstanceId);
            }
        }
Example #14
0
        public void CheckDelegateActivity(Guid authenticatedActorId, Guid flowId, string delegateActorId)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromFlowId(flowId);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckDelegateActivity(authenticatedActorId, flowId, delegateActorId);
            }
        }
Example #15
0
        public void CheckStartProcessInstance(String authenticatedActorId, Int64 processDefinitionId, IDictionary attributeValues, String transitionName, DbSession dbSession)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromProcessDefinitionId(processDefinitionId, dbSession);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckStartProcessInstance(authenticatedActorId, processDefinitionId, attributeValues, transitionName);
            }
        }
Example #16
0
        public void CheckGetStartForm(String authenticatedActorId, Int64 processDefinitionId, DbSession dbSession)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromProcessDefinitionId(processDefinitionId, dbSession);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckGetStartForm(authenticatedActorId, processDefinitionId);
            }
        }
Example #17
0
        public void CheckCancelFlow(String authenticatedActorId, Int64 flowId, DbSession dbSession)
        {
            IAuthorizationHandler authorizationHandler = GetHandlerFromFlowId(flowId, dbSession);

            if (authorizationHandler != null)
            {
                authorizationHandler.CheckCancelFlow(authenticatedActorId, flowId);
            }
        }
 protected RetryableApiClient(HttpClient client,
                              IAuthorizationHandler authorizationHandler,
                              int maxAttempts           = DEFAULT_MAX_RETRIES,
                              int exceptionRetryDelayMs = DEFAULT_RETRY_MS)
 {
     _client = client;
     _authorizationHandler  = authorizationHandler;
     _maxAttempts           = maxAttempts;
     _exceptionRetryDelayMs = exceptionRetryDelayMs;
 }
        /**
         * Assert that the given handler succeeds when a user has any of the "claimsExpectedToSucceed", and is tested
         * against the supplied entity, and fails otherwise
         */
        public static void AssertHandlerSucceedsWithCorrectClaims <TEntity, TRequirement>(
            IAuthorizationHandler handler,
            TEntity entity,
            params SecurityClaimTypes[] claimsExpectedToSucceed)
            where TRequirement : IAuthorizationRequirement
        {
            var scenarios = GetClaimTestScenarios(entity, claimsExpectedToSucceed);

            scenarios.ForEach(scenario => AssertHandlerHandlesScenarioSuccessfully <TEntity, TRequirement>(handler, scenario));
        }
Example #20
0
        private IAuthorizationHandler GetAuthorizationHandler(ProcessDefinitionImpl processDefinition)
        {
            IAuthorizationHandler authorizationHandler = null;
            DelegationImpl        delegation           = processDefinition.AuthorizationDelegation;

            if (delegation != null)
            {
                authorizationHandler = (IAuthorizationHandler)delegation.GetDelegate();
            }
            return(authorizationHandler);
        }
 public static async Task AssertHandlerSucceedsWithCorrectClaims <TRequirement>(
     IAuthorizationHandler handler,
     params SecurityClaimTypes[] claimsExpectedToSucceed)
     where TRequirement : IAuthorizationRequirement
 {
     var scenarios = GetClaimTestScenarios(null, claimsExpectedToSucceed);
     await scenarios
     .ToAsyncEnumerable()
     .ForEachAwaitAsync(scenario =>
                        AssertHandlerHandlesScenarioSuccessfully <TRequirement>(handler, scenario));
 }
Example #22
0
        /**
         * Assert that the given handler succeeds when a user has any of the "claimsExpectedToSucceed" and is tested
         * against an arbitrary Release, and fails otherwise
         */
        public static void AssertReleaseHandlerSucceedsWithCorrectClaims <TRequirement>(
            IAuthorizationHandler handler,
            params SecurityClaimTypes[] claimsExpectedToSucceed)
            where TRequirement : IAuthorizationRequirement
        {
            var release = new Release
            {
                Id = Guid.NewGuid()
            };

            AssertReleaseHandlerSucceedsWithCorrectClaims <TRequirement>(handler, release, claimsExpectedToSucceed);
        }
Example #23
0
 public AuthorizationService(
     IAuthorizationHandler authorizationHandler,
     IEnumerable <OperationAuthorizationRequirement> requirements,
     T resource,
     ClaimsPrincipal user
     )
 {
     this.authorizationHandler = authorizationHandler;
     this.requirements         = requirements;
     this.resource             = resource;
     this.user = user;
 }
Example #24
0
        public ContractMethodInvocationHandler(
            IContractImplementationResolver contractImplementationResolver,
            IAuthorizationContextProvider authorizationContextProvider,
            IAuthorizationHandler authorizationHandler,
            IEnumerable <IInvocationSerializer> invocationSerializers,
            IMethodInvoker methodInvoker)
        {
            this.contractImplementationResolver = contractImplementationResolver;
            this.authorizationContextProvider   = authorizationContextProvider;
            this.authorizationHandler           = authorizationHandler;
            this.methodInvoker = methodInvoker;

            this.invocationSerializers = invocationSerializers.ToDictionary(x => x.MediaType);
        }
        /// <summary>
        /// Initializes a new instance of the <see cref="AuthorizationContextState"/> class.
        /// </summary>
        /// <param name="authorizationStore">The <see cref="IAuthorizationStore"/>.</param>
        /// <param name="authorizationHandler">The <see cref="IAuthorizationHandler"/>.</param>
        /// <exception cref="ArgumentNullException">The value of '<paramref name="authorizationHandler"/>' and '<paramref name="authorizationStore"/>' cannot be null. </exception>
        protected AuthorizationContextState([NotNull] IAuthorizationStore authorizationStore, [NotNull] IAuthorizationHandler authorizationHandler)
        {
            if (authorizationStore == null)
            {
                throw new ArgumentNullException(nameof(authorizationStore));
            }

            if (authorizationHandler == null)
            {
                throw new ArgumentNullException(nameof(authorizationHandler));
            }

            this.AuthorizationStore   = authorizationStore;
            this.AuthorizationHandler = authorizationHandler;
        }
        private static IAuthorizationService GetAuthorizationService(AuthorizationOptions options, IAuthorizationPolicyProvider policyProvider)
        {
            Debug.Assert(options != null, "options != null");
            Debug.Assert(options.Dependencies != null, "options.Dependencies != null");

            if (options.Dependencies.Service != null)
            {
                return(options.Dependencies.Service);
            }

            var handlers = new IAuthorizationHandler[] { new PassThroughAuthorizationHandler() };
            var logger   = GetLogger(options);

            return(new DefaultAuthorizationService(policyProvider, handlers, logger));
        }
Example #27
0
 /// <summary>
 /// Returns a new mock server.
 /// Host will be <see cref="DefaultAuthHandler"/> and Port will be <see cref="DefaultPort"/>.
 /// <para>Received logs will be stored in <see cref="GloutonServerMock.ListLog"/>.
 /// This server won't have handlers support.
 /// To get a server with handlers, please use <see cref="DefaultGloutonServer"/> instead.</para>
 /// </summary>
 /// <param name="authorizationHandler">The authorization handler. If null, <see cref="DefaultAuthHandler"/> will be used.</param>
 /// <param name="userCertificateValidationCallback">The user certification callback. Can be null.</param>
 /// <returns></returns>
 internal static GloutonServerMock DefaultMockServer
 (
     IAuthorizationHandler authorizationHandler = null,
     RemoteCertificateValidationCallback userCertificateValidationCallback = null
 )
 {
     return(new GloutonServerMock
            (
                DefaultHost,
                DefaultPort,
                authorizationHandler ?? DefaultAuthHandler,
                null,
                userCertificateValidationCallback
            ));
 }
 public AuthorizationSection(
     string policyName,
     string claimName,
     string friendlyName,
     bool requiresAdminPermissions,
     IAuthorizationRequirement requirement,
     IAuthorizationHandler handler)
 {
     this.PolicyName               = policyName;
     this.ClaimType                = claimName;
     this.FriendlyName             = friendlyName;
     this.RequiresAdminPermissions = requiresAdminPermissions;
     this.Requirement              = requirement;
     this.Handler = handler;
 }
Example #29
0
 /// <summary>
 /// Returns a new Glouton Server.
 /// Host will be <see cref="DefaultHost"/> and port will be <see cref="DefaultPort"/>.
 /// </summary>
 /// <param name="activityMonitor"> The activity monitor used by server and its handler. If null, it will instantiate a new one.</param>
 /// <param name="authorizationHandler">The authorization handler. If null, <see cref="DefaultAuthHandler"/> will be used.</param>
 /// <param name="userCertificateValidationCallback">The user certification callback. Can be null.</param>
 /// <returns></returns>
 internal static GloutonServer DefaultGloutonServer
 (
     IActivityMonitor activityMonitor           = null,
     IAuthorizationHandler authorizationHandler = null,
     RemoteCertificateValidationCallback userCertificateValidationCallback = null
 )
 {
     return(new GloutonServer(
                DefaultHost,
                DefaultPort,
                activityMonitor ?? new ActivityMonitor(),
                authorizationHandler ?? DefaultAuthHandler,
                null,
                userCertificateValidationCallback
                ));
 }
Example #30
0
 public RemoteServiceExecutor(IClientServiceDiscovery serviceDiscovery, IAddressSelector addressSelector,
                              IServiceTokenGetter serviceTokenGetter, ITransportClientFactory transportClientFactory,
                              ITypeConvertProvider typeConvertProvider, ILogger logger, ISerializer serializer,
                              IAuthorizationHandler authorizationHandler = null, ICache <string, List <ServerAddress> > cache = null, int retryTimes = -1)
 {
     _serviceDiscovery       = serviceDiscovery;
     _addressSelector        = addressSelector;
     _transportClientFactory = transportClientFactory;
     _typeConvertProvider    = typeConvertProvider;
     _serviceTokenGetter     = serviceTokenGetter;
     _authorizationHandler   = authorizationHandler;
     _cache      = cache;
     _logger     = logger;
     _retryTimes = retryTimes;
     _serializer = serializer;
 }
 public void Add(string authorizationScheme, IAuthorizationHandler handler)
 {
     authorizationScheme = authorizationScheme.ToLower();
       Handlers.Add(authorizationScheme, handler);
 }