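/// <summary>
/// Authorization rule that rejects callers whose primary identity is not authenticated.
/// </summary>
/// <param name="context">Authorization context carrying the current user; failures are recorded on it.</param>
/// <returns>An already-completed task; the outcome is conveyed through <c>context.ReportError</c>.</returns>
public Task Authorize(AuthorizationContext context)
        {
            // Fail closed: a missing principal or a principal without any identity is
            // treated as unauthenticated instead of surfacing a NullReferenceException.
            var isAuthenticated = context.User?.Identity?.IsAuthenticated == true;

            if (!isAuthenticated)
            {
                context.ReportError("Not authenticated");
            }

            return Task.CompletedTask;
        }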
Esempio n. 2
        /// <summary>
        /// Authorization rule that reports an error unless the awaited
        /// <c>IsInBotGuild</c> check on the caller's claims principal returns true.
        /// </summary>
        /// <param name="context">Authorization context; its <c>UserContext</c> is cast to <c>GraphQLUserContext</c>.</param>
        /// <returns>A task that completes once the guild check has been evaluated.</returns>
        public async Task Authorize([NotNull] AuthorizationContext context)
        {
            // The direct cast throws InvalidCastException when UserContext holds another type,
            // so a mis-wired user context fails the request rather than skipping the rule.
            var principal = ((GraphQLUserContext)context.UserContext).ClaimsPrincipal;

            var sharesGuildWithBot = await principal.IsInBotGuild(_client);
            if (sharesGuildWithBot)
            {
                return;
            }

            context.ReportError("Not in any mutual guilds with bot");
        }
Esempio n. 3
        /// <summary>
        /// Authorization rule that reports an error when <c>TryGetDiscordUser</c>
        /// yields null for the caller's claims principal.
        /// </summary>
        /// <param name="context">Authorization context; its <c>UserContext</c> is cast to <c>GraphQLUserContext</c>.</param>
        /// <returns>A task representing the (synchronously executed) check.</returns>
        public async Task Authorize([NotNull] AuthorizationContext context)
        {
            var principal = ((GraphQLUserContext)context.UserContext).ClaimsPrincipal;

            // NOTE(review): this method is async but awaits nothing. If TryGetDiscordUser
            // returns a Task rather than the user object, the null comparison below would
            // never be true and the rule would always pass; confirm its return type.
            var discordUser = principal.TryGetDiscordUser(_client);

            if (discordUser == null)
            {
                context.ReportError("Not logged in with Discord");
            }
        }
Esempio n. 4
        /// <summary>
        /// Authorization rule that reports an error unless the awaited
        /// <c>IsBotOwner</c> check on the caller's claims principal returns true.
        /// </summary>
        /// <param name="context">Authorization context; its <c>UserContext</c> is cast to <c>GraphQLUserContext</c>.</param>
        /// <returns>A task that completes once the ownership check has been evaluated.</returns>
        public async Task Authorize([NotNull] AuthorizationContext context)
        {
            // The direct cast throws InvalidCastException when UserContext holds another type,
            // so a mis-wired user context fails the request rather than skipping the rule.
            var principal = ((GraphQLUserContext)context.UserContext).ClaimsPrincipal;

            var callerOwnsBot = await principal.IsBotOwner(_client);
            if (callerOwnsBot)
            {
                return;
            }

            context.ReportError("Not the bot owner");
        }
Esempio n. 5
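        /// <summary>
        /// Authorization rule that requires the caller's "age" claim to be an integer of at least 21.
        /// </summary>
        /// <param name="context">Authorization context carrying the current user; failures are recorded on it.</param>
        /// <returns>An already-completed task; the outcome is conveyed through <c>context.ReportError</c>.</returns>
        public Task Authorize(AuthorizationContext context)
        {
            var rawAge = context.User?.FindFirst(c => c.Type == "age")?.Value;

            // The claim value comes from the token, so parse it defensively: a missing,
            // malformed or out-of-range value is a denial, not an unhandled FormatException.
            // The invariant culture keeps the result independent of the server locale.
            int age;
            var ageIsValid = int.TryParse(
                rawAge,
                System.Globalization.NumberStyles.Integer,
                System.Globalization.CultureInfo.InvariantCulture,
                out age);

            if (!ageIsValid || age < 21)
            {
                context.ReportError("MinimumAge");
            }

            return Task.CompletedTask;
        }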
    /// <summary>
    /// Authorization rule that awaits the <c>_authorise</c> callback and records its
    /// error message on the context when the result is not successful.
    /// </summary>
    /// <param name="context">Authorization context on which a failure is reported.</param>
    /// <returns>A task that completes once the callback result has been handled.</returns>
    public async Task Authorize(AuthorizationContext context)
    {
        var outcome = await _authorise();

        if (!outcome.Successful)
        {
            // NOTE(review): ErrorMessage is passed to ReportError verbatim; confirm the
            // callback never puts internal detail into it, since errors may reach the client.
            context.ReportError(outcome.ErrorMessage);
        }
    }
Esempio n. 7
        /// <summary>
        /// Authorization rule that reports an error when the caller has no identity
        /// or none of the caller's identities is authenticated.
        /// </summary>
        /// <param name="context">Authorization context carrying the current user; failures are recorded on it.</param>
        /// <returns>An already-completed task; the outcome is conveyed through <c>context.ReportError</c>.</returns>
        public Task Authorize(AuthorizationContext context)
        {
            var principal = context.User;

            // A null principal or a principal without a primary identity short-circuits
            // to "not authenticated" before Identities is enumerated.
            var hasAuthenticatedIdentity =
                principal?.Identity != null &&
                principal.Identities.Any(identity => identity.IsAuthenticated);

            if (!hasAuthenticatedIdentity)
            {
                context.ReportError("User is not authorized");
            }

            return Task.CompletedTask;
        }
Esempio n. 8
        /// <summary>
        /// Checks every required policy against the principal through the authorization
        /// service and collects one error per policy that does not succeed.
        /// </summary>
        /// <param name="principal">Caller to evaluate; null is replaced by a principal with an empty identity.</param>
        /// <param name="userContext">Opaque user context stored on the authorization context.</param>
        /// <param name="arguments">Input variables stored on the authorization context.</param>
        /// <param name="requiredPolicies">Policy names to check; null is treated as an empty list.</param>
        /// <returns>
        /// <c>AuthorizationResult.Success()</c> when no error was reported, which includes the
        /// case of no required policies; otherwise <c>AuthorizationResult.Fail</c> with the errors.
        /// </returns>
        public async Task <AuthorizationResult> Evaluate(ClaimsPrincipal principal, object userContext, IDictionary <string, object> arguments, IEnumerable <string> requiredPolicies)
        {
            var authContext = new AuthorizationContext
            {
                User           = principal ?? new ClaimsPrincipal(new ClaimsIdentity()),
                UserContext    = userContext,
                InputVariables = arguments
            };

            // Snapshot the policy names once so the sequence is enumerated a single time.
            var policyNames = requiredPolicies?.ToList() ?? new List <string>();

            foreach (var policyName in policyNames)
            {
                var requirement = new PermissionAuthorizationRequirement(policyName);
                var outcome     = await _authorizationService.AuthorizeAsync(authContext.User, null, requirement);

                if (outcome.Succeeded)
                {
                    continue;
                }

                // NOTE(review): the message names the missing permission; confirm that
                // exposing permission names to the caller is acceptable.
                authContext.ReportError($"User doesn't have the required permission '{policyName}'.");
            }

            if (authContext.HasErrors)
            {
                return AuthorizationResult.Fail(authContext.Errors);
            }

            return AuthorizationResult.Success();
        }
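        /// <summary>
        /// Authorization rule that allows the caller only when one of its identities carries
        /// a <c>CLIENT_ID_CLAIM</c> claim whose value is on the configured client-id allow-list.
        /// </summary>
        /// <param name="context">Authorization context carrying the current user; failures are recorded on it.</param>
        /// <returns>An already-completed task; the outcome is conveyed through <c>context.ReportError</c>.</returns>
        public Task Authorize(AuthorizationContext context)
        {
            // Drop null/empty entries up front. Without this, a list that mixes blank and
            // real ids would let a claim with an empty value match the blank entry, and a
            // null entry would make HasClaim throw ArgumentNullException.
            var allowedClientIds = _whitelistOfClientIds?
                .Where(clientId => !string.IsNullOrEmpty(clientId))
                .ToList();

            // NOTE(review): with no usable entries the rule is skipped and every caller
            // passes (only invoke if whitelist exists!). Confirm that configuration cannot
            // silently leave the allow-list empty in environments that rely on this rule.
            if (allowedClientIds == null || allowedClientIds.Count == 0)
            {
                return Task.CompletedTask;
            }

            // A missing principal is a denial rather than a NullReferenceException.
            var principal = context.User;
            var isAllowed = principal != null &&
                            principal.Identities.Any(identity =>
                                allowedClientIds.Any(clientId => identity.HasClaim(CLIENT_ID_CLAIM, clientId)));

            if (!isAllowed)
            {
                context.ReportError("The user does not have permission to view sensitive data.");
            }

            return Task.CompletedTask;
        }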