public AuthorizeActivity(
IGetDataAsyncDelegate <Settings> getSettingsDataAsyncDelegate,
IAuthorizationController authorizationController,
IStatusController statusController) :
base(statusController)
{
this.getSettingsDataAsyncDelegate = getSettingsDataAsyncDelegate;
this.authorizationController = authorizationController;
}
private AuthorizationOptions ResolveAuthorizationOptions(IAuthorizationController controller)
{
if (controller != null)
{
return(controller.AuthorizationOptions);
}
return(_owinContextAccessor.Context.GetAuthorizationOptions());
}
public AuthApi(ICoreApi core, IAuthorizationController authorization)
{
_authorization = authorization;
_core = core;
_core.ConnectionClosing += OnConnectionClosing;
_core.Registration(this);
_core.Registration <LoginRequest>(HandleLogin);
_core.Registration <LogoutRequest>(HandleLogout);
}
private AuthorizationOptions ResolveAuthorizationOptions(IAuthorizationController controller)
{
if (controller != null)
{
return(controller.AuthorizationOptions);
}
var owinContext = _owinContextAccessor.Context;
var helper = new AuthorizationDependencyHelper(owinContext);
return(helper.AuthorizationOptions);
}
/// <summary>
/// Determines if a user is authorized.
/// </summary>
/// <param name="controller">The controller from which <see cref="AuthorizationOptions"/> may be obtained.</param>
/// <param name="user">The user to evaluate the authorize data against.</param>
/// <param name="authorizeAttribute">The <see cref="IAuthorizeData"/> to evaluate.</param>
/// <returns>
/// A flag indicating whether authorization has succeeded.
/// This value is <value>true</value> when the <paramref name="user"/> fulfills the <paramref name="authorizeAttribute"/>; otherwise <value>false</value>.
/// </returns>
/// <remarks>
/// If <paramref name="controller"/> is not null, it will be used to find <see cref="AuthorizationOptions"/> instead of the current <see cref="IOwinContext"/>.
/// </remarks>
public async Task <bool> IsAuthorizedAsync(IAuthorizationController controller, ClaimsPrincipal user, IAuthorizeData authorizeAttribute)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
if (authorizeAttribute == null)
{
throw new ArgumentNullException(nameof(authorizeAttribute));
}
var options = ResolveAuthorizationOptions(controller);
if (options == null)
{
throw new InvalidOperationException(Resources.Exception_AuthorizationOptionsMustNotBeNull);
}
var dependencies = options.Dependencies
?? new AuthorizationDependencies();
var policyProvider = dependencies.PolicyProvider
?? new DefaultAuthorizationPolicyProvider(options);
var authorizationService = dependencies.Service;
if (authorizationService == null)
{
var handlerProvider = new DefaultAuthorizationHandlerProvider(new PassThroughAuthorizationHandler());
var handlers = await handlerProvider.GetHandlersAsync();
var loggerFactory = dependencies.LoggerFactory
?? new DiagnosticsLoggerFactory();
authorizationService = new DefaultAuthorizationService(
policyProvider,
handlers,
loggerFactory.CreateDefaultLogger(),
new DefaultAuthorizationHandlerContextFactory(),
new DefaultAuthorizationEvaluator());
}
var policy = await AuthorizationPolicy.CombineAsync(policyProvider, new[] { authorizeAttribute });
return(await authorizationService.AuthorizeAsync(user, policy));
}
public async Task <bool> IsAuthorizedAsync(IAuthorizationController controller, ClaimsPrincipal user, IAuthorizeData authorizeAttribute)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
if (authorizeAttribute == null)
{
throw new ArgumentNullException(nameof(authorizeAttribute));
}
AuthorizationOptions options;
if (controller != null)
{
options = controller.AuthorizationOptions;
}
else
{
var owinContext = _owinContextAccessor.Context;
var helper = new AuthorizationDependencyHelper(owinContext);
options = helper.AuthorizationOptions;
}
if (options == null)
{
throw new InvalidOperationException("AuthorizationOptions must not be null. Your resource authorization may be set up incorrectly.");
}
if (options.Dependencies == null)
{
throw new InvalidOperationException("AuthorizationOptions.Dependencies must not be null");
}
var policyProvider = options.Dependencies.PolicyProvider ?? new DefaultAuthorizationPolicyProvider(options);
var authorizationService = GetAuthorizationService(options, policyProvider);
var policy = await AuthorizationPolicy.CombineAsync(policyProvider, new[] { authorizeAttribute });
return(await authorizationService.AuthorizeAsync(user, policy));
}
