Exemple #1
0
 /// <summary>
 /// Determines whether the current user is authorized or not given the specified context.
 /// </summary>
 /// <param name="context">The context or rule to be authorized.</param>
 /// <returns><see langword="true"/> if the current user is authorized; otherwise <see langword="false"/>.</returns>
 public bool IsAuthorized(string context)
 {
     try
     {
         return(_authorizationProvider.Authorize(Thread.CurrentPrincipal, context));
     }
     catch (InvalidOperationException)
     {
         return(true);
     }
 }
Exemple #2
0
        public async Task <HttpServerResponse> HandleRequest(IHttpServerRequest request)
        {
            if (request.Method != HttpMethod.GET)
            {
                return(GetMethodNotAllowedResponse(request.Method));
            }

            if (_authenticationProvider != null)            // if you pass an IAuthenticationProvider, it will be used to check every request in this handler
            {
                var authResult = _authenticationProvider.Authorize(request);
                if (authResult == HttpResponseStatus.Unauthorized)
                {
                    return(GetUnauthorizedResponse(_authenticationProvider.Realm));
                }
            }

            var localFilePath    = GetFilePath(request.Uri);
            var absoluteFilePath = GetAbsoluteFilePath(localFilePath);

            // todo: add validation for invalid path characters / invalid filename characters
            IFile item;

            try
            {
                item = await _fileSystem.GetFileFromPathAsync(absoluteFilePath);
            }
            catch (FileNotFoundException)
            {
                return(GetFileNotFoundResponse(localFilePath));
            }

            return(await GetHttpResponse(item));
        }
Exemple #3
0
        public void FactoryTest()
        {
            AuthorizationProviderFactory factory      = new AuthorizationProviderFactory(ConfigurationSourceFactory.Create());
            IAuthorizationProvider       ruleProvider = factory.Create("RuleProvider");

            Assert.IsTrue(ruleProvider.Authorize(principal, testRuleName));
        }
Exemple #4
0
        public void FactoryTest()
        {
            AuthorizationProviderFactory factory      = new AuthorizationProviderFactory(context);
            IAuthorizationProvider       ruleProvider = factory.GetAuthorizationProvider("RuleProvider");

            Assert.IsTrue(ruleProvider.Authorize(this.principal, testRuleName));
        }
    /// <summary>
    /// Determines whether the specified user satisfies rules.
    /// </summary>
    /// <param name="rules">The rules.</param>
    /// <param name="user">The user.</param>
    /// <returns>
    ///     <c>true</c> if the specified rules has rules; otherwise, <c>false</c>.
    /// </returns>
    protected static bool HasRules(string[] rules, IPrincipal user)
    {
        bool returnValue = true;

        //check some rules have been passed
        if (rules != null)
        {
            foreach (string rule in rules)
            {
                //check the user against each rule
                try
                {
                    if (!GetRuleProvider.Authorize(user, rule))
                    {
                        //if the user does not satisfy one of the rules then return a false
                        returnValue = false;
                        break;
                    }
                }
                catch
                {
                    returnValue = false;
                    break;
                }
            }
        }
        return(returnValue);
    }
        public void AuthorizedTaskWithoutData()
        {
            IAuthorizationProvider azManProvider = AuthorizationFactory.GetAuthorizationProvider();

            bool res = azManProvider.Authorize(cryptographyProviderCollection, authorizedTask);

            Assert.IsTrue(res);
        }
Exemple #7
0
    public bool IsAuthorized(string securityContext)
    {
        IAuthorizationProvider ruleProvider = AuthorizationFactory.GetAuthorizationProvider("MyAuthorizationProvider");
        //bool ret = ruleProvider.Authorize(LocalUserManager.GetThreadPrinciple(), securityContext);
        bool ret = ruleProvider.Authorize(LocalUserManager.GetCurrentPrinciple(), securityContext);

        return(ret);
    }
        public static bool IsCurrentUserAuthorized()
        {
            IAuthorizationProvider authorizeProvider =
                AuthorizationFactory.GetAuthorizationProvider("RuleProvider");

            bool authorized = authorizeProvider.Authorize(System.Threading.Thread.CurrentPrincipal, "ConfigSystem");

            return(authorized);
        }
Exemple #9
0
        public bool userAuthorized(string rule)
        {
            bool authorized = false;

            IAuthorizationProvider authorProvider = AuthorizationFactory.GetAuthorizationProvider("RuleProvider");

            authorized = authorProvider.Authorize(Thread.CurrentPrincipal, rule);

            return(authorized);
        }
        public void CanCreateAuthorizationRuleProvider()
        {
            IAuthorizationProvider createdObject = EnterpriseLibraryContainer.Current.GetInstance <IAuthorizationProvider>("RuleProvider");

            Assert.IsNotNull(createdObject);
            Assert.IsInstanceOfType(createdObject, typeof(AuthorizationRuleProvider));
            Assert.IsTrue(
                createdObject.Authorize(
                    new GenericPrincipal(new GenericIdentity("TestUser"), new string[] { "Admin" }),
                    "rule1"));
        }
Exemple #11
0
 protected void Authorize(string taskName)
 {
     // _authorizationProvider = AuthorizationFactory.GetAuthorizationProvider(Constants.Authorization_Provider);
     if (!_authorizationProvider.Authorize(Thread.CurrentPrincipal, taskName))
     {
         ExceptionFactory.BusinessEntityException
         .Wrap <SecurityException>()
         .Add.Message(taskName + "User not Authorized for the Task : {0}")
         .Add.Arguments(this)
         .Raise();
     }
 }
Exemple #12
0
 public bool CanExecute(string action, WorkItem context, object caller, object target)
 {
     try
     {
         return(_authzProvider.Authorize(Thread.CurrentPrincipal, action));
     }
     catch (InvalidOperationException)
     {
         // rule (action) not found
         return(true);
     }
 }
Exemple #13
0
        /// <summary>
        /// Performs the operation of the handler.
        /// </summary>
        /// <param name="input">Input to the method call.</param>
        /// <param name="getNext">Delegate used to get the next delegate in the call handler pipeline.</param>
        /// <returns>Returns value from the target method, or an <see cref="UnauthorizedAccessException"/>
        /// if the call fails the authorization check.</returns>
        public IMethodReturn Invoke(IMethodInvocation input, GetNextHandlerDelegate getNext)
        {
            IAuthorizationProvider authProvider = GetAuthorizationProvider();
            ReplacementFormatter   formatter    = new MethodInvocationFormatter(input);

            if (!authProvider.Authorize(Thread.CurrentPrincipal, formatter.Format(operationName)))
            {
                UnauthorizedAccessException unauthorizedExeption = new UnauthorizedAccessException(Resources.AuthorizationFailed);
                return(input.CreateExceptionMethodReturn(unauthorizedExeption));
            }

            return(getNext().Invoke(input, getNext));
        }
Exemple #14
0
        public static bool Authorized(string rule)
        {
            bool authorized = false;

            // TODO: Check rule-base authorization
            // No parameter passed to GetInstance method as
            // we'll set the Default Authorization Instance in App.config.
            IAuthorizationProvider ruleProvider = EnterpriseLibraryContainer.Current.GetInstance <IAuthorizationProvider>();

            authorized = ruleProvider.Authorize(Thread.CurrentPrincipal, rule);

            return(authorized);
        }
Exemple #15
0
        public bool IsAuthorized(string Username, string rule)
        {
            try
            {
                string[]               roles        = Roles.GetRolesForUser(Username);
                IPrincipal             principal    = new GenericPrincipal(new GenericIdentity(Username), roles);
                IAuthorizationProvider ruleProvider = AuthorizationFactory.GetAuthorizationProvider("RuleProvider");

                return(ruleProvider.Authorize(principal, rule));
            }
            catch (Exception err)
            {
                MMDBLogFile.Log(err);
                return(false);
            }
        }
Exemple #16
0
        /// <summary>
        /// Demand method is called at runtime when a caller is trying to access
        /// resource that is marked with SAFSecurityAttribute.
        /// </summary>
        public void Demand()
        {
            //obtain the information about the denied and allowed roles
            //information from configuraiton file

            ConfigurationManager       cm = (ConfigurationManager)ConfigurationSettings.GetConfig("Framework");
            AuthorizationConfiguration ac = cm.AuthorizationConfig;

            string[] allowedRoles = ac.AllowedRoles(Name);
            string[] deniedRoles  = ac.DeniedRoles(Name);

            //create the IAuthorizationProvider object which is responsible
            //for verify if the call is permitted or denied based on the
            //allowed role and denied role information.
            IAuthorizationProvider ap = (IAuthorizationProvider)ac.GetAuthorizationProvider(Name);

            ap.Authorize(allowedRoles, deniedRoles);
        }
Exemple #17
0
        public static void LogIn(NetworkCredential credential)
        {
            SecurityPrincipal principal = authenticationProvider.Authenticate(credential);

            if (principal == null || (!(principal.SecurityIdentity.IsAuthenticated)))
            {
                throw new SecurityException("User, " + credential.UserName + ", could not be authenticated.");
            }

            if (setThreadPrincipal)
            {
                System.Threading.Thread.CurrentPrincipal = principal;
            }

            if (HttpContext.Current != null)
            {
                HttpContext.Current.User = principal;
            }

            principal.Profile = authorizationProvider.Authorize(principal);
            contextStoreProvider.SetPrincipal(principal);
        }
Exemple #18
0
        internal async Task <IRestResponse> HandleRequestAsync(RestServerRequest req, IAuthorizationProvider authorizationProvider)
        {
            if (!req.HttpServerRequest.IsComplete ||
                req.HttpServerRequest.Method == HttpMethod.Unsupported)
            {
                return(_responseFactory.CreateBadRequest());
            }

            ParsedUri parsedUri;
            var       incomingUriAsString = req.HttpServerRequest.Uri.ToRelativeString();

            if (!_uriParser.TryParse(incomingUriAsString, out parsedUri))
            {
                throw new Exception($"Could not parse uri: {incomingUriAsString}");
            }

            var restMethods = _restMethodCollection.Where(r => r.Match(parsedUri)).ToList();

            if (!restMethods.Any())
            {
                return(_responseFactory.CreateBadRequest());
            }

            var restMethod = restMethods.FirstOrDefault(r => r.Verb == req.HttpServerRequest.Method);

            if (restMethod == null)
            {
                return(new MethodNotAllowedResponse(restMethods.Select(r => r.Verb)));
            }

            // check if authentication is required
            AuthorizeAttribute authAttribute = null;

            // first check on controller level
            if (restMethod.MethodInfo.DeclaringType.GetTypeInfo().IsDefined(typeof(AuthorizeAttribute)))
            {
                authAttribute = restMethod.MethodInfo.DeclaringType.GetTypeInfo().GetCustomAttributes <AuthorizeAttribute>().Single();
            }
            // otherwise check on method level
            else if (restMethod.MethodInfo.IsDefined(typeof(AuthorizeAttribute)))
            {
                authAttribute = restMethod.MethodInfo.GetCustomAttributes <AuthorizeAttribute>().Single();
            }
            if (authAttribute != null)            // need to check authentication
            {
                if (authorizationProvider == null)
                {
                    _log.Error("HandleRequestAsync|AuthenticationProvider not configured");
                    return(_responseFactory.CreateInternalServerError());
                }
                var authResult = authorizationProvider.Authorize(req.HttpServerRequest);
                if (authResult == HttpResponseStatus.Unauthorized)
                {
                    return(_responseFactory.CreateWwwAuthenticate(authorizationProvider.Realm));
                }
            }

            var restMethodExecutor = _methodExecuteFactory.Create(restMethod);

            try
            {
                return(await restMethodExecutor.ExecuteMethodAsync(restMethod, req, parsedUri));
            }
            catch
            {
                return(_responseFactory.CreateBadRequest());
            }
        }