public static void ConfigureAuthorization(this IServiceCollection services) { services.AddIdentity<ApplicationUser, IdentityRole>() .AddEntityFrameworkStores<SecurityDbContext>() .AddDefaultTokenProviders(); services.AddAuthorization(options => { options.AddPolicy("RequireClimePolicyTest", policy => { policy.RequireClaim("RequireClimePolicyTest"); }); options.AddPolicy("RequireRolePolicyTest", policy => { policy.RequireRole("RequireRolePolicyTest"); }); options.AddPolicy("RequirementBasedPolicyTest", policy => { policy.AddRequirements(new TestRequirement(preSatisfied: true)); }); }); services.AddSingleton<IAuthorizationHandler, ResourceBasedAuthorizationHandler>(); services.AddSingleton<IAuthorizationHandler, RequirementBasedAuthorizationHandler>(); }
/// <summary> /// Adds authorization services to the specified <see cref="IServiceCollection" />. /// </summary> /// <param name="services">The <see cref="IServiceCollection" /> to add services to.</param> /// <param name="configure">An action delegate to configure the provided <see cref="AuthorizationOptions"/>.</param> /// <returns>A reference to this instance after the operation has completed.</returns> public static IServiceCollection AddAuthorization(this IServiceCollection services, Action<AuthorizationOptions> configure) { if (services == null) { throw new ArgumentNullException(nameof(services)); } if (configure == null) { throw new ArgumentNullException(nameof(configure)); } services.Configure(configure); return services.AddAuthorization(); }
public static IServiceCollection AddSmashLeagueAuthorization(this IServiceCollection services) { if (services == null) { throw new ArgumentNullException(nameof(services)); } services.AddTransient<TeamOwnerRequirement>(); var provider = services.BuildServiceProvider(); services.AddAuthorization(x => { x.AddTeamOwnerPolicy(provider); }); return services; }
public static void AddJwtAuthentication(this IServiceCollection serviceCollection, string rsaKeyPath, string fileName, string audience, string issuer) { var rsaSecurityKey = RsaHelper.GetRsaSecurityKey(rsaKeyPath, fileName); serviceCollection.AddSingleton(new TokenAuthOption { Audience = audience, Issuer = issuer, SigningCredentials = new SigningCredentials(rsaSecurityKey, SecurityAlgorithms.RsaSha256Signature), Key = rsaSecurityKey }); serviceCollection.AddAuthorization(auth => { auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder() .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .RequireAuthenticatedUser().Build()); }); }
public static IServiceCollection AddAuthentication(this IServiceCollection services, IConfiguration configuration) { services.Configure<GoogleAuthSettings>(configuration.GetSection("GoogleAuthSettings")); services.Configure<MicrosoftAuthSettings>(configuration.GetSection("MicrosoftAuthSettings")); services.AddSingleton<AuthManager>(); var policy = new AuthorizationPolicyBuilder() .RequireClaim("dg:org") .RequireClaim("dg:role") .Build(); services.AddAuthorization(options => { options.DefaultPolicy = policy; }); return services; }
public static IServiceCollection AddUmbraco(this IServiceCollection services) { services.AddUmbracoCore(); services.AddCaching(); services.AddSession(); services.AddMvc(); //services.AddAuthentication(); //services.AddAuthorization(); //replace the MVC one services.AddSingleton<IAssemblyProvider, MvcPluginAssemblyProvider>(); services.AddSingleton<IUmbracoAssemblyProvider, PluginAssemblyProvider>(provider => { var hosting = provider.GetRequiredService<IApplicationEnvironment>(); var fileProvider = new PhysicalFileProvider(hosting.ApplicationBasePath); return new PluginAssemblyProvider(fileProvider, provider.GetRequiredService<ILoggerFactory>(), PlatformServices.Default.AssemblyLoadContextAccessor, PlatformServices.Default.AssemblyLoaderContainer); }); services.AddAuthorization(options => { options.AddPolicy( "umbraco-backoffice", builder => builder .AddAuthenticationSchemes("umbraco-backoffice") .RequireAuthenticatedUser() .RequireClaim("umbraco-backoffice") ); }); services.Configure<MvcOptions>(options => { options.ModelBinders.Insert(0, new PublishedContentModelBinder()); }); //services.AddIdentity<BackOfficeUser, IdentityRole>(); services.AddSingleton<IControllerActivator, UmbracoControllerActivator>(); services.AddTransient<UmbracoControllerHelper>(); //services.AddSingleton<UmbracoAssemblyProvider>(); services.AddSingleton<IUmbracoConfig, UmbracoConfig>(); services.AddSingleton<UmbracoControllerTypeCollection>(); services.AddSingleton<SurfaceFormHelper>(); services.AddSingleton<IControllerPropertyActivator, ProxiedViewDataDictionaryPropertyActivator>(); services.AddScoped<UmbracoContext>(); services.AddScoped<RoutingContext>(); services.AddScoped<PublishedContentRequest>(); //TODO: default is no last chance finder (for now) services.AddScoped<ILastChanceContentFinder>(provider => (ILastChanceContentFinder) null); services.AddScoped<UrlProvider>(provider => new UrlProvider( provider.GetRequiredService<UmbracoContext>(), provider.GetServices<IUrlProvider>(), UrlProviderMode.Auto)); return services; }
public static IServiceCollection AddSecurity(this IServiceCollection services) { services.AddAuthorization(); services.AddTransient<IConfigureOptions<AuthorizationOptions>, AuthorizationOptionsSetup>(); return services; }
public static void AddPageAuthorization(this IServiceCollection services) { services.AddAuthorization(options => { options.AddPolicy("PageAllowance", delegate (AuthorizationPolicyBuilder policy) { policy.Requirements.Add(new PageAuthorizationRequirement()); //policy.RequireRole("SystemAdministrator", "Administrator", "Editor", "RestrictedEditor", "Visitor", "RestrictedVisitor"); }); }); services.AddInstance<IAuthorizationHandler>(new PageAllowanceAuthorizationHandler()); }