/// <summary>
/// Collects permission claims for the authenticated principal from every configured
/// claims application and attaches them to the principal's first identity.
/// </summary>
/// <param name="context">Authorization context whose principal receives the collected claims.</param>
/// <remarks>
/// Security notes for reviewers:
/// - The authentication check reads <c>Principal.Identity</c>, while the claims are attached to
///   <c>Principal.Identities.First()</c>. NOTE(review): these may be different identities on a
///   multi-identity principal; confirm that is intended.
/// - No de-duplication happens here. NOTE(review): if this runs more than once for the same
///   principal instance, the collected claims accumulate on the identity.
/// - The lookup key defaults to <c>ClaimType.DisplayName</c>. NOTE(review): confirm the configured
///   username claim is unique and not user-editable, since it is handed to the collectors.
/// </remarks>
protected virtual void AddPermissionClaims(IResourceAuthorizationContext context)
{
    // Unauthenticated callers never receive collected permission claims.
    var isAuthenticated = context.Principal.Identity.IsAuthenticated;
    if (!isAuthenticated)
    {
        return;
    }

    // Collected claims are buffered first, so nothing is attached to the identity
    // unless every collector finished without throwing.
    var collected = new List<Claim>();
    var configuredApplications = BedrockConfiguration.Security.Application.ClaimCollection.Applications;

    // Fall back to the default claim types when no override is configured.
    var nameClaimType = string.IsNullOrWhiteSpace(UsernameClaimType)
        ? ClaimType.DisplayName
        : UsernameClaimType;
    var username = context.Principal.Claims.GetClaimByTypeFirstOrDefault(nameClaimType)?.Value;

    var idClaimType = string.IsNullOrWhiteSpace(SubjectClaimType)
        ? ClaimType.Subject
        : SubjectClaimType;
    var subject = context.Principal.Claims.GetClaimByTypeFirstOrDefault(idClaimType)?.Value;

    // username and subject may both be null here when the principal carries neither claim;
    // they are passed to the collectors as-is.
    configuredApplications.Each(application =>
    {
        var collector = ClaimCollectorFactory.CreateInstanceCollector(application);
        var pass = ClaimCollectorFactory.CreateInstancePass(application, collector, username, subject);

        var applicationClaims = pass.Collector.Collect(pass);
        applicationClaims.Each(claim => collected.Add(claim));
    });

    foreach (var claim in collected)
    {
        context.Principal.Identities.First().AddClaim(claim);
    }
}
/// <summary>
/// Decides whether the principal in <paramref name="context"/> holds every claim the context requires.
/// </summary>
/// <param name="context">Authorization context carrying the principal and the required claims.</param>
/// <returns>
/// A task yielding <c>true</c> when security is disabled in configuration; otherwise the
/// result of passing the claim check to <c>Eval</c> (defined outside this block).
/// </returns>
/// <remarks>
/// With <c>BedrockConfiguration.Security.IsEnabled</c> set to false this method allows every
/// request without looking at the principal. Treat that setting as a fail-open switch.
/// </remarks>
public override Task<bool> CheckAccessAsync(IResourceAuthorizationContext context)
{
    if (BedrockConfiguration.Security.IsEnabled)
    {
        // Enrich the principal with collected permission claims before evaluating,
        // so the check below sees them as well.
        AddPermissionClaims(context);

        var granted = context.Principal.Claims.HasAccess(context);
        return Eval(granted);
    }

    // Security is switched off: access is granted unconditionally.
    return Task.FromResult(true);
}
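/// <summary>
/// Checks that every claim required by <paramref name="context"/> is present in
/// <paramref name="userClaims"/>, using <c>ClaimComparer</c> for equality.
/// </summary>
/// <param name="userClaims">Claims held by the caller.</param>
/// <param name="context">Authorization context whose <c>Claims</c> list the required claims.</param>
/// <returns><c>true</c> when all required claims are matched; otherwise <c>false</c>.</returns>
/// <remarks>
/// Security notes for reviewers:
/// - <c>All</c> is vacuously true for an empty sequence, so a context with no required claims
///   is granted access. NOTE(review): confirm callers always populate <c>context.Claims</c>,
///   or reject empty requirement sets before this point.
/// - What counts as a match is decided entirely by <c>ClaimComparer</c>, which is not shown here.
///   NOTE(review): confirm it compares the issuer as well as type and value.
/// </remarks>
public static bool HasAccess(this IEnumerable<Claim> userClaims, IResourceAuthorizationContext context)
{
    // One comparer for the whole check instead of a new instance per required claim.
    var comparer = new ClaimComparer();

    return context.Claims.All(required => userClaims.Contains(required, comparer));
}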
/// <summary>
/// Base access check. It makes no authorization decision and must be overridden.
/// </summary>
/// <param name="context">Authorization context for the request (unused here).</param>
/// <returns>Never returns normally.</returns>
/// <exception cref="NotImplementedException">Always thrown by this base implementation.</exception>
/// <remarks>
/// Throwing rather than returning a default result means a subclass that does not
/// override this method cannot grant access through it.
/// </remarks>
public virtual Task<bool> CheckAccessAsync(IResourceAuthorizationContext context)
{
    throw new NotImplementedException();
}