public async Task <IActionResult> GetRecommendationRoutes([FromBody] UserRequirement userRequirement)
{
_logger.LogInformation($"\n输入:{userRequirement}");
var userRequirementFromCSharp = await userRequirement.UserRequirementToUserRequirementFromCSharp(_httpClient);
var rec = new RecomendationsRepository(userRequirementFromCSharp, _httpClient);
var res = await rec.GetRecommendationsAsync();
return(Ok(res));
}
/// <summary>
/// Check if the authenticated user has an HDID and optionally the owner of the User resource being accessed.
/// </summary>
/// <param name="context">The authorization handler context.</param>
/// <param name="resourceHDID">The health data resource subject identifier.</param>
/// <param name="requirement">The requirement to validate.</param>
private bool Authorize(AuthorizationHandlerContext context, string?resourceHDID, UserRequirement requirement)
{
bool retVal = false;
ClaimsPrincipal user = context.User;
if (user.HasClaim(c => c.Type == GatewayClaims.HDID))
{
string userHDID = user.FindFirst(c => c.Type == GatewayClaims.HDID).Value;
if (requirement.ValidateOwnership)
{
retVal = userHDID == resourceHDID;
this.logger.LogInformation($"{userHDID} is {(!retVal ? "not " : string.Empty)}the resource owner");
}
else
{
retVal = true;
this.logger.LogInformation($"User has claim {GatewayClaims.HDID} and has been authorized");
}
}
else
{
this.logger.LogInformation($"Unable to validate resource owner for {resourceHDID} as no HDID claims present");
}
return(retVal);
}
public HttpRequestMapRepository(IHttpClientFactory httpClientFactory, IUserRequirementFromCSharp userRequirement)
{
_httpClient = httpClientFactory;
_userRequirement = (UserRequirement)userRequirement;
}