private Task <AuthorizationResult> ExecuteAuthorizationHandler(IAuthorizationRequirement requirement, CancellationToken cancellationToken)
{
var requirementType = requirement.GetType();
var handlerType = FindHandlerType(requirement);
if (handlerType == null)
{
throw new InvalidOperationException($"Could not find an authorization handler type for requirement type \"{requirementType.Name}\"");
}
var handlers = _serviceProvider.GetService(typeof(IEnumerable <>).MakeGenericType(handlerType)) as IEnumerable <object>;
if (handlers == null || handlers.Count() == 0)
{
throw new InvalidOperationException($"Could not find an authorization handler implementation for requirement type \"{requirementType.Name}\"");
}
if (handlers.Count() > 1)
{
throw new InvalidOperationException($"Multiple authorization handler implementations were found for requirement type \"{requirementType.Name}\"");
}
var serviceHandler = handlers.First();
var serviceHandlerType = serviceHandler.GetType();
var methodInfo = _handlerMethodInfo.GetOrAdd(serviceHandlerType,
handlerMethodKey =>
{
return(serviceHandlerType.GetMethods()
.Where(x => x.Name == nameof(IAuthorizationHandler <IAuthorizationRequirement> .Handle))
.FirstOrDefault());
});
return((Task <AuthorizationResult>)methodInfo.Invoke(serviceHandler, new object[] { requirement, cancellationToken }));
}
private static void AppendFailureLine(
StringBuilder stringBuilder,
IAuthorizationRequirement authorizationRequirement)
{
switch (authorizationRequirement)
{
case ClaimsAuthorizationRequirement claimsAuthorizationRequirement:
stringBuilder.Append("Required claim '");
stringBuilder.Append(claimsAuthorizationRequirement.ClaimType);
if (claimsAuthorizationRequirement.AllowedValues == null || !claimsAuthorizationRequirement.AllowedValues.Any())
{
stringBuilder.AppendLine("' is not present.");
}
else
{
stringBuilder.Append("' with any value of '");
stringBuilder.Append(string.Join(", ", claimsAuthorizationRequirement.AllowedValues));
stringBuilder.AppendLine("' is not present.");
}
break;
case DenyAnonymousAuthorizationRequirement denyAnonymousAuthorizationRequirement:
stringBuilder.AppendLine("The current user must be authenticated.");
break;
case NameAuthorizationRequirement nameAuthorizationRequirement:
stringBuilder.Append("The current user name must match the name '");
stringBuilder.Append(nameAuthorizationRequirement.RequiredName);
stringBuilder.AppendLine("'.");
break;
case OperationAuthorizationRequirement operationAuthorizationRequirement:
stringBuilder.Append("Required operation '");
stringBuilder.Append(operationAuthorizationRequirement.Name);
stringBuilder.AppendLine("' was not present.");
break;
case RolesAuthorizationRequirement rolesAuthorizationRequirement:
if (rolesAuthorizationRequirement.AllowedRoles == null || !rolesAuthorizationRequirement.AllowedRoles.Any())
{
// This should never happen.
stringBuilder.AppendLine("Required roles are not present.");
}
else
{
stringBuilder.Append("Required roles '");
stringBuilder.Append(string.Join(", ", rolesAuthorizationRequirement.AllowedRoles));
stringBuilder.AppendLine("' are not present.");
}
break;
default:
stringBuilder.Append("Requirement '");
stringBuilder.Append(authorizationRequirement.GetType().Name);
stringBuilder.AppendLine("' was not satisfied.");
break;
}
}
private Type FindHandlerType(IAuthorizationRequirement requirement)
{
var requirementType = requirement.GetType();
var handlerType = _requirementHandlers.GetOrAdd(requirementType,
requirementTypeKey =>
{
var wrapperType = typeof(IAuthorizationHandler <>).MakeGenericType(requirementTypeKey);
return(wrapperType);
});
if (handlerType == null)
{
return(null);
}
return(handlerType);
}
private static string Format(IAuthorizationRequirement requirement)
{
return(requirement.GetType().Name);
}