Esempio n. 1
0
    public void OnProvidersExecuting(PageApplicationModelProviderContext context)
    {
        if (context == null)
        {
            throw new ArgumentNullException(nameof(context));
        }

        if (_mvcOptions.EnableEndpointRouting)
        {
            // When using endpoint routing, the AuthorizationMiddleware does the work that Auth filters would otherwise perform.
            // Consequently we do not need to convert authorization attributes to filters.
            return;
        }

        var pageModel     = context.PageApplicationModel;
        var authorizeData = pageModel.HandlerTypeAttributes.OfType <IAuthorizeData>().ToArray();

        if (authorizeData.Length > 0)
        {
            pageModel.Filters.Add(AuthorizationApplicationModelProvider.GetFilter(_policyProvider, authorizeData));
        }
        foreach (var attribute in pageModel.HandlerTypeAttributes.OfType <IAllowAnonymous>())
        {
            pageModel.Filters.Add(new AllowAnonymousFilter());
        }
    }
Esempio n. 2
0
    public void BuildActionModels_BaseAuthorizeFiltersAreStillValidWhenOverriden()
    {
        // Arrange
        var options = Options.Create(new AuthorizationOptions());

        options.Value.AddPolicy("Base", policy => policy.RequireClaim("Basic").RequireClaim("Basic2"));
        options.Value.AddPolicy("Derived", policy => policy.RequireClaim("Derived"));

        var provider = new AuthorizationApplicationModelProvider(
            new DefaultAuthorizationPolicyProvider(options),
            OptionsWithoutEndpointRouting);
        var context = CreateProviderContext(typeof(DerivedController));

        // Act
        provider.OnProvidersExecuting(context);

        // Assert
        var controller = Assert.Single(context.Result.Controllers);
        var action     = Assert.Single(controller.Actions);

        Assert.Equal("Authorize", action.ActionName);

        var attributeRoutes = action.Selectors.Where(sm => sm.AttributeRouteModel != null);

        Assert.Empty(attributeRoutes);
        var authorizeFilters = action.Filters.OfType <AuthorizeFilter>();

        Assert.Single(authorizeFilters);

        Assert.NotNull(authorizeFilters.First().Policy);
        Assert.Equal(3, authorizeFilters.First().Policy.Requirements.Count()); // Basic + Basic2 + Derived authorize
    }
Esempio n. 3
0
    public void OnProvidersExecuting_NonDefaultPolicyProvider_HasNoPolicy_HasPolicyProviderAndAuthorizeData()
    {
        // Arrange
        var requirements = new IAuthorizationRequirement[]
        {
            new AssertionRequirement((con) => { return(true); })
        };
        var authorizationPolicy             = new AuthorizationPolicy(requirements, new string[] { "dingos" });
        var authorizationPolicyProviderMock = new Mock <IAuthorizationPolicyProvider>();

        authorizationPolicyProviderMock
        .Setup(s => s.GetPolicyAsync(It.IsAny <string>()))
        .Returns(Task.FromResult(authorizationPolicy))
        .Verifiable();

        var provider = new AuthorizationApplicationModelProvider(authorizationPolicyProviderMock.Object, OptionsWithoutEndpointRouting);

        // Act
        var action = GetBaseControllerActionModel(provider);

        // Assert
        var actionFilter = Assert.IsType <AuthorizeFilter>(Assert.Single(action.Filters));

        Assert.Null(actionFilter.Policy);
        Assert.NotNull(actionFilter.AuthorizeData);
        Assert.NotNull(actionFilter.PolicyProvider);
    }
Esempio n. 4
0
    public void OnProvidersExecuting_DefaultPolicyProvider_NoAuthorizationData_NoFilterCreated()
    {
        // Arrange
        var requirements = new IAuthorizationRequirement[]
        {
            new AssertionRequirement((con) => { return(true); })
        };
        var authorizationPolicy = new AuthorizationPolicy(requirements, new string[] { "dingos" });
        var authOptions         = Options.Create(new AuthorizationOptions());

        authOptions.Value.AddPolicy("Base", authorizationPolicy);
        var policyProvider = new DefaultAuthorizationPolicyProvider(authOptions);

        var provider = new AuthorizationApplicationModelProvider(policyProvider, OptionsWithoutEndpointRouting);
        var context  = CreateProviderContext(typeof(BaseController));

        // Act
        var action = GetBaseControllerActionModel(provider);

        // Assert
        var authorizationFilter = Assert.IsType <AuthorizeFilter>(Assert.Single(action.Filters));

        Assert.NotNull(authorizationFilter.Policy);
        Assert.Null(authorizationFilter.AuthorizeData);
        Assert.Null(authorizationFilter.PolicyProvider);
    }
Esempio n. 5
0
 IFilterMetadata IFilterFactory.CreateInstance(IServiceProvider serviceProvider)
 {
     if (Policy != null || PolicyProvider != null)
     {
         return(this);
     }
     return(AuthorizationApplicationModelProvider.GetFilter(serviceProvider.GetRequiredService <IAuthorizationPolicyProvider>(), AuthorizeData));
 }
        public IFilterMetadata CreateInstance(IServiceProvider serviceProvider)
        {
            //if (Policy != null || PolicyProvider != null)
            //{
            //    // The filter is fully constructed. Use the current instance to authorize.
            //    return this;
            //}

            //var policyProvider = serviceProvider.GetRequiredService<IAuthorizationPolicyProvider>();
            return(AuthorizationApplicationModelProvider.GetFilter(serviceProvider as IAuthorizationPolicyProvider, AuthorizeData));
        }
Esempio n. 7
0
        IFilterMetadata IFilterFactory.CreateInstance(IServiceProvider serviceProvider)
        {
            if (Policy != null || PolicyProvider != null)
            {
                // The filter is fully constructed. Use the current instance to authorize.
                return(this);
            }

            Debug.Assert(AuthorizeData != null);
            var policyProvider = serviceProvider.GetRequiredService <IAuthorizationPolicyProvider>();

            return(AuthorizationApplicationModelProvider.GetFilter(policyProvider, AuthorizeData));
        }
Esempio n. 8
0
    private ActionModel GetBaseControllerActionModel(AuthorizationApplicationModelProvider authorizationApplicationModelProvider)
    {
        var context = CreateProviderContext(typeof(BaseController));

        authorizationApplicationModelProvider.OnProvidersExecuting(context);

        var controller = Assert.Single(context.Result.Controllers);

        Assert.Empty(controller.Filters);
        var action = Assert.Single(controller.Actions);

        return(action);
    }
Esempio n. 9
0
    public void CreateControllerModel_AuthorizeAttributeAddsAuthorizeFilter()
    {
        // Arrange
        var provider = new AuthorizationApplicationModelProvider(
            new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())),
            OptionsWithoutEndpointRouting);
        var controllerType = typeof(AccountController);
        var context        = CreateProviderContext(controllerType);

        // Act
        provider.OnProvidersExecuting(context);

        // Assert
        var controller = Assert.Single(context.Result.Controllers);

        Assert.Single(controller.Filters, f => f is AuthorizeFilter);
    }
Esempio n. 10
0
    public void OnProvidersExecuting_AllowAnonymousAttribute_DoesNothing_WhenEnableRoutingIsEnabled()
    {
        // Arrange
        var provider = new AuthorizationApplicationModelProvider(
            new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())),
            Options.Create(new MvcOptions()));
        var controllerType = typeof(AnonymousController);
        var context        = CreateProviderContext(controllerType);

        // Act
        provider.OnProvidersExecuting(context);

        // Assert
        var controller = Assert.Single(context.Result.Controllers);

        Assert.Empty(controller.Filters);
    }
Esempio n. 11
0
    public void CreateControllerModelAndActionModel_NoAuthNoFilter()
    {
        // Arrange
        var provider = new AuthorizationApplicationModelProvider(
            new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())),
            OptionsWithoutEndpointRouting);
        var context = CreateProviderContext(typeof(NoAuthController));

        // Act
        provider.OnProvidersExecuting(context);

        // Assert
        var controller = Assert.Single(context.Result.Controllers);

        Assert.Empty(controller.Filters);
        var action = Assert.Single(controller.Actions);

        Assert.Empty(action.Filters);
    }
Esempio n. 12
0
    public void CreateControllerModelAndActionModel_AllowAnonymousAttributeAddsAllowAnonymousFilter()
    {
        // Arrange
        var provider = new AuthorizationApplicationModelProvider(
            new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())),
            OptionsWithoutEndpointRouting);
        var context = CreateProviderContext(typeof(AnonymousController));

        // Act
        provider.OnProvidersExecuting(context);

        // Assert
        var controller = Assert.Single(context.Result.Controllers);

        Assert.Single(controller.Filters, f => f is AllowAnonymousFilter);
        var action = Assert.Single(controller.Actions);

        Assert.Single(action.Filters, f => f is AllowAnonymousFilter);
    }
        public void OnProvidersExecuting(PageApplicationModelProviderContext context)
        {
            if (context == null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            var pageModel     = context.PageApplicationModel;
            var authorizeData = pageModel.HandlerTypeAttributes.OfType <IAuthorizeData>().ToArray();

            if (authorizeData.Length > 0)
            {
                pageModel.Filters.Add(AuthorizationApplicationModelProvider.GetFilter(_policyProvider, authorizeData));
            }
            foreach (var attribute in pageModel.HandlerTypeAttributes.OfType <IAllowAnonymous>())
            {
                pageModel.Filters.Add(new AllowAnonymousFilter());
            }
        }