/// <summary>
        /// Runs every requirement of the policies resolved for <paramref name="requiredPolicies"/>
        /// against one shared authorization context and turns the outcome into a result.
        /// </summary>
        /// <param name="principal">The caller; when null, an empty principal is substituted.</param>
        /// <param name="userContext">Opaque user context copied onto the authorization context.</param>
        /// <param name="arguments">Arguments copied onto the authorization context.</param>
        /// <param name="requiredPolicies">Policy names handed to <c>_settings.GetPolicies</c>.</param>
        /// <returns>
        /// Success when the context holds no errors after all requirements have completed;
        /// otherwise a failure carrying the collected errors.
        /// </returns>
        public async Task<AuthorizationResult> Evaluate(
            ClaimsPrincipal principal,
            object userContext,
            Dictionary<string, object> arguments,
            IEnumerable<string> requiredPolicies)
        {
            var context = new AuthorizationContext
            {
                // A missing principal becomes an identity with no claims and no
                // authentication type, so requirements always see a non-null User.
                User = principal ?? new ClaimsPrincipal(new ClaimsIdentity()),
                UserContext = userContext,
                Arguments = arguments
            };

            // NOTE(review): this block does not show what GetPolicies does with a name that
            // has no registered policy, or with a null sequence. If such names are dropped
            // silently, that policy's requirements never run and the result is Success.
            // Confirm that an unknown name is reported as an error.
            var policies = _settings.GetPolicies(requiredPolicies).ToList();

            var pending = new List<Task>();

            policies.Apply(policy =>
            {
                policy.Requirements.Apply(requirement =>
                {
                    pending.Add(requirement.Authorize(context));
                });
            });

            // A faulted requirement task makes this await throw, so no Success is returned
            // in that case.
            // NOTE(review): all requirements write to the same context and may finish
            // concurrently; the decision below relies on no reported error being lost.
            // Confirm the context's error reporting is safe for concurrent use.
            await Task.WhenAll(pending);

            if (context.HasErrors)
            {
                return AuthorizationResult.Fail(context.Errors);
            }

            return AuthorizationResult.Success();
        }
        /// <inheritdoc />
        /// <remarks>
        /// A null <paramref name="requiredPolicies"/> is treated as "nothing required" and
        /// succeeds immediately. A policy name that <c>_settings.GetPolicy</c> cannot resolve
        /// is reported as an error, so an unknown policy produces a failure rather than
        /// being skipped.
        /// </remarks>
        public async Task<AuthorizationResult> Evaluate(
            ClaimsPrincipal principal,
            IDictionary<string, object> userContext,
            IReadOnlyDictionary<string, object> inputs,
            IEnumerable<string> requiredPolicies)
        {
            // No policy list at all: nothing to check.
            if (requiredPolicies == null)
            {
                return AuthorizationResult.Success();
            }

            var context = new AuthorizationContext
            {
                // Requirements always get a non-null User; the fallback has no claims and
                // no authentication type.
                User = principal ?? new ClaimsPrincipal(new ClaimsIdentity()),
                UserContext = userContext,
                Inputs = inputs
            };

            var pending = new List<Task>();

            foreach (string policyName in requiredPolicies)
            {
                var policy = _settings.GetPolicy(policyName);
                if (policy == null)
                {
                    // Fail closed on a name with no registered policy.
                    context.ReportError($"Required policy '{policyName}' is not present.");
                    continue;
                }

                // Start every requirement check; they are awaited together below.
                foreach (var requirement in policy.Requirements)
                {
                    pending.Add(requirement.Authorize(context));
                }
            }

            // A faulted requirement task makes this await throw instead of yielding Success.
            // NOTE(review): the requirements share one context and may complete concurrently;
            // confirm ReportError cannot lose an error under concurrent calls.
            await Task.WhenAll(pending).ConfigureAwait(false);

            if (!context.HasErrors)
            {
                return AuthorizationResult.Success();
            }

            return AuthorizationResult.Fail(context.Errors);
        }
        /// <summary>
        /// Checks each required policy name, one after another, by asking
        /// <c>_authorizationService</c> to authorize a
        /// <c>PermissionAuthorizationRequirement</c> built from that name.
        /// </summary>
        /// <param name="principal">The caller; when null, an empty principal is substituted.</param>
        /// <param name="userContext">Opaque user context copied onto the authorization context.</param>
        /// <param name="arguments">Stored on the context as its input variables.</param>
        /// <param name="requiredPolicies">Permission names to check; null is handled as an empty list.</param>
        /// <returns>
        /// Success when every check succeeded (including when there was nothing to check);
        /// otherwise a failure listing each permission that was refused.
        /// </returns>
        public async Task<AuthorizationResult> Evaluate(ClaimsPrincipal principal, object userContext, IDictionary<string, object> arguments, IEnumerable<string> requiredPolicies)
        {
            var context = new AuthorizationContext
            {
                // The fallback principal has no claims and no authentication type.
                User = principal ?? new ClaimsPrincipal(new ClaimsIdentity()),
                UserContext = userContext,
                InputVariables = arguments
            };

            // Snapshot the names so the sequence is enumerated exactly once.
            var policyNames = requiredPolicies?.ToList() ?? new List<string>();

            foreach (var policyName in policyNames)
            {
                var requirement = new PermissionAuthorizationRequirement(policyName);

                // The resource argument is null: the decision is made on the user alone.
                var outcome = await _authorizationService.AuthorizeAsync(context.User, null, requirement);

                if (outcome.Succeeded)
                {
                    continue;
                }

                // Keep going after a refusal so every missing permission is listed.
                // NOTE(review): the message names the permission; check where these errors
                // are surfaced before treating the names as safe to disclose.
                context.ReportError($"User doesn't have the required permission '{policyName}'.");
            }

            if (context.HasErrors)
            {
                return AuthorizationResult.Fail(context.Errors);
            }

            return AuthorizationResult.Success();
        }
        /// <summary>
        /// Resolves each required policy through <c>_settings.GetPolicy</c>, starts all of its
        /// requirements against one shared authorization context, and reports the outcome.
        /// </summary>
        /// <param name="principal">The caller; when null, an empty principal is substituted.</param>
        /// <param name="userContext">Opaque user context copied onto the authorization context.</param>
        /// <param name="inputVariables">Input variables copied onto the authorization context.</param>
        /// <param name="requiredPolicies">Policy names to enforce; when null, no policy is evaluated.</param>
        /// <returns>
        /// Success when the context holds no errors after all requirements have completed;
        /// otherwise a failure carrying the collected errors.
        /// </returns>
        public async Task<AuthorizationResult> Evaluate(
            ClaimsPrincipal principal,
            object userContext,
            IDictionary<string, object> inputVariables,
            IEnumerable<string> requiredPolicies)
        {
            var context = new AuthorizationContext
            {
                // The fallback principal has no claims and no authentication type.
                User = principal ?? new ClaimsPrincipal(new ClaimsIdentity()),
                UserContext = userContext,
                InputVariables = inputVariables
            };

            var pending = new List<Task>();

            // A null list skips the whole chain, which leaves the context without errors.
            var policyNames = requiredPolicies?.ToList();

            policyNames?.Apply(policyName =>
            {
                var policy = _settings.GetPolicy(policyName);
                if (policy == null)
                {
                    // Fail closed on a name with no registered policy.
                    context.ReportError($"Required policy '{policyName}' is not present.");
                }
                else
                {
                    policy.Requirements.Apply(requirement =>
                    {
                        pending.Add(requirement.Authorize(context));
                    });
                }
            });

            // A faulted requirement task makes this await throw instead of yielding Success.
            // NOTE(review): the requirements share one context and may complete concurrently;
            // confirm ReportError cannot lose an error under concurrent calls.
            await Task.WhenAll(pending);

            if (context.HasErrors)
            {
                return AuthorizationResult.Fail(context.Errors);
            }

            return AuthorizationResult.Success();
        }