/// <summary>
/// Authorize filter for a specific policy.
/// </summary>
/// <param name="policy">Authorization policy to be used.</param>
public AuthorizeFilter(AuthorizationPolicy policy)
{
if (policy == null)
{
throw new ArgumentNullException(nameof(policy));
}
Policy = policy;
}
public AuthorizationPolicyBuilder Combine(AuthorizationPolicy policy)
{
if (policy == null)
{
throw new ArgumentNullException(nameof(policy));
}
AddAuthenticationSchemes(policy.AuthenticationSchemes.ToArray());
AddRequirements(policy.Requirements.ToArray());
return this;
}
/// <summary>
/// Checks if a user meets a specific authorization policy
/// </summary>
/// <param name="service">The authorization service.</param>
/// <param name="user">The user to check the policy against.</param>
/// <param name="resource">The resource the policy should be checked with.</param>
/// <param name="policy">The policy to check against a specific context.</param>
/// <returns><value>true</value> when the user fulfills the policy, <value>false</value> otherwise.</returns>
public static Task<bool> AuthorizeAsync(this IAuthorizationService service, ClaimsPrincipal user, object resource, AuthorizationPolicy policy)
{
if (service == null)
{
throw new ArgumentNullException(nameof(service));
}
if (policy == null)
{
throw new ArgumentNullException(nameof(policy));
}
return service.AuthorizeAsync(user, resource, policy.Requirements.ToArray());
}
/// <summary>
/// Checks if a user meets a specific authorization policy
/// </summary>
/// <param name="service">The authorization service.</param>
/// <param name="user">The user to check the policy against.</param>
/// <param name="policy">The policy to check against a specific context.</param>
/// <returns><value>true</value> when the user fulfills the policy, <value>false</value> otherwise.</returns>
public static Task<bool> AuthorizeAsync(this IAuthorizationService service, ClaimsPrincipal user, AuthorizationPolicy policy)
{
if (service == null)
{
throw new ArgumentNullException(nameof(service));
}
if (policy == null)
{
throw new ArgumentNullException(nameof(policy));
}
return service.AuthorizeAsync(user, resource: null, policy: policy);
}
public static void AddTeamOwnerPolicy(this AuthorizationOptions options, IServiceProvider provider)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
// build team ownership policy
var ownershipRequirements = new IAuthorizationRequirement[]
{
new DenyAnonymousAuthorizationRequirement(),
(TeamOwnerRequirement)provider.GetService(typeof(TeamOwnerRequirement))
};
var ownershipPolicy = new AuthorizationPolicy(ownershipRequirements, new string[0]);
options.AddPolicy(AuthorizationDefaults.PolicyTeamOwner, ownershipPolicy);
}
public AuthorizationPolicyBuilder(AuthorizationPolicy policy)
{
Combine(policy);
}
public AuthorizationPolicyBuilder Combine([NotNull] AuthorizationPolicy policy)
{
AddAuthenticationSchemes(policy.ActiveAuthenticationSchemes.ToArray());
AddRequirements(policy.Requirements.ToArray());
return(this);
}
public AuthorizationPolicyBuilder(AuthorizationPolicy policy)
{
Combine(policy);
}
/// <summary>
/// Checks if a user meets a specific authorization policy
/// </summary>
/// <param name="service">The authorization service.</param>
/// <param name="user">The user to check the policy against.</param>
/// <param name="resource">The resource the policy should be checked with.</param>
/// <param name="policy">The policy to check against a specific context.</param>
/// <returns><value>true</value> when the user fulfills the policy, <value>false</value> otherwise.</returns>
public static bool Authorize([NotNull] this IAuthorizationService service, ClaimsPrincipal user, object resource, [NotNull] AuthorizationPolicy policy)
{
// TODO: REeanble
//if (policy.ActiveAuthenticationSchemes != null && policy.ActiveAuthenticationSchemes.Any() && user != null)
//{
// // Filter the user to only contain the active authentication types
// user = new ClaimsPrincipal(user.Identities.Where(i => policy.ActiveAuthenticationSchemes.Contains(i.AuthenticationScheme)));
//}
return(service.Authorize(user, resource, policy.Requirements.ToArray()));
}
/// <summary>
/// Checks if a user meets a specific authorization policy
/// </summary>
/// <param name="service">The authorization service.</param>
/// <param name="user">The user to check the policy against.</param>
/// <param name="policy">The policy to check against a specific context.</param>
/// <returns><value>true</value> when the user fulfills the policy, <value>false</value> otherwise.</returns>
public static Task <bool> AuthorizeAsync([NotNull] this IAuthorizationService service, ClaimsPrincipal user, [NotNull] AuthorizationPolicy policy)
{
return(service.AuthorizeAsync(user, resource: null, policy: policy));
}
/// <summary>
/// Checks if a user meets a specific authorization policy
/// </summary>
/// <param name="service">The authorization service.</param>
/// <param name="user">The user to check the policy against.</param>
/// <param name="resource">The resource the policy should be checked with.</param>
/// <param name="policy">The policy to check against a specific context.</param>
/// <returns><value>true</value> when the user fulfills the policy, <value>false</value> otherwise.</returns>
public static Task <bool> AuthorizeAsync([NotNull] this IAuthorizationService service, ClaimsPrincipal user, object resource, [NotNull] AuthorizationPolicy policy)
{
return(service.AuthorizeAsync(user, resource, policy.Requirements.ToArray()));
}
public void AddPolicy([NotNull] string name, [NotNull] AuthorizationPolicy policy)
{
PolicyMap[name] = policy;
}
/// <summary>
/// Checks if a user meets a specific authorization policy
/// </summary>
/// <param name="service">The authorization service.</param>
/// <param name="user">The user to check the policy against.</param>
/// <param name="policy">The policy to check against a specific context.</param>
/// <returns><value>true</value> when the user fulfills the policy, <value>false</value> otherwise.</returns>
public static Task <bool> AuthorizeAsync(this IAuthorizationService service, ClaimsPrincipal user, AuthorizationPolicy policy)
{
if (service == null)
{
throw new ArgumentNullException(nameof(service));
}
if (policy == null)
{
throw new ArgumentNullException(nameof(policy));
}
return(service.AuthorizeAsync(user, resource: null, policy: policy));
}
/// <summary>
/// Checks if a user meets a specific authorization policy
/// </summary>
/// <param name="service">The authorization service.</param>
/// <param name="user">The user to check the policy against.</param>
/// <param name="resource">The resource the policy should be checked with.</param>
/// <param name="policy">The policy to check against a specific context.</param>
/// <returns><value>true</value> when the user fulfills the policy, <value>false</value> otherwise.</returns>
public static Task <bool> AuthorizeAsync(this IAuthorizationService service, ClaimsPrincipal user, object resource, AuthorizationPolicy policy)
{
if (service == null)
{
throw new ArgumentNullException(nameof(service));
}
if (policy == null)
{
throw new ArgumentNullException(nameof(policy));
}
return(service.AuthorizeAsync(user, resource, policy.Requirements.ToArray()));
}
