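/// <summary>
/// Reports an authorization error unless the current user is authenticated.
/// </summary>
/// <param name="context">Authorization context carrying the user and collecting errors.</param>
/// <returns>An already-completed task; the check itself is synchronous.</returns>
public Task Authorize(AuthorizationContext context)
{
    // Fail closed: a missing user or a principal without any identity (Identity is
    // null in that case) is reported as "Not authenticated" instead of surfacing
    // as a NullReferenceException from the property chain.
    if (context.User?.Identity?.IsAuthenticated != true)
    {
        context.ReportError("Not authenticated");
    }

    return Task.CompletedTask;
}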
/// <summary>
/// Reports an authorization error when the caller shares no guild with the bot.
/// </summary>
/// <param name="context">Authorization context; its UserContext is cast to <c>GraphQLUserContext</c>.</param>
public async Task Authorize([NotNull] AuthorizationContext context)
{
    // A UserContext of a different type makes this cast throw rather than report an error.
    var principal = ((GraphQLUserContext)context.UserContext).ClaimsPrincipal;

    var sharesGuild = await principal.IsInBotGuild(_client);
    if (!sharesGuild)
    {
        context.ReportError("Not in any mutual guilds with bot");
    }
}
/// <summary>
/// Reports an authorization error when no Discord user can be resolved for the caller.
/// </summary>
/// <param name="context">Authorization context; its UserContext is cast to <c>GraphQLUserContext</c>.</param>
public async Task Authorize([NotNull] AuthorizationContext context)
{
    // A UserContext of a different type makes this cast throw rather than report an error.
    var principal = ((GraphQLUserContext)context.UserContext).ClaimsPrincipal;

    // NOTE(review): this method is async but awaits nothing. If TryGetDiscordUser
    // returns a Task, the comparison below tests the task object (never null) and
    // the check would silently pass for every caller - confirm the return type.
    var discordUser = principal.TryGetDiscordUser(_client);
    if (discordUser == null)
    {
        context.ReportError("Not logged in with Discord");
    }
}
/// <summary>
/// Reports an authorization error unless the caller is the bot owner.
/// </summary>
/// <param name="context">Authorization context; its UserContext is cast to <c>GraphQLUserContext</c>.</param>
public async Task Authorize([NotNull] AuthorizationContext context)
{
    // A UserContext of a different type makes this cast throw rather than report an error.
    var principal = ((GraphQLUserContext)context.UserContext).ClaimsPrincipal;

    var isOwner = await principal.IsBotOwner(_client);
    if (!isOwner)
    {
        context.ReportError("Not the bot owner");
    }
}
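/// <summary>
/// Reports a "MinimumAge" error unless the user's "age" claim is an integer of at least 21.
/// </summary>
/// <param name="context">Authorization context carrying the user and collecting errors.</param>
/// <returns>An already-completed task; the check itself is synchronous.</returns>
public Task Authorize(AuthorizationContext context)
{
    var ageClaim = context.User?.FindFirst(c => c.Type == "age")?.Value;

    // Claim values are strings supplied with the token. A missing, non-numeric or
    // out-of-range value is treated as age 0 so the check fails closed with a
    // reported error instead of throwing from int.Parse. Invariant culture keeps
    // the parse independent of the server's locale.
    int age;
    if (!int.TryParse(
            ageClaim,
            System.Globalization.NumberStyles.Integer,
            System.Globalization.CultureInfo.InvariantCulture,
            out age))
    {
        age = 0;
    }

    if (age < 21)
    {
        context.ReportError("MinimumAge");
    }

    return Task.CompletedTask;
}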
/// <summary>
/// Runs the injected <c>_authorise</c> delegate and reports its error message when it does not succeed.
/// </summary>
/// <param name="context">Authorization context that collects the error.</param>
public async Task Authorize(AuthorizationContext context)
{
    var outcome = await _authorise();

    // Only a failed outcome touches the context; success leaves it untouched.
    if (!outcome.Successful)
    {
        context.ReportError(outcome.ErrorMessage);
    }
}
/// <summary>
/// Reports an error unless at least one identity on the user is authenticated.
/// </summary>
/// <param name="context">Authorization context carrying the user and collecting errors.</param>
/// <returns>An already-completed task; the check itself is synchronous.</returns>
public Task Authorize(AuthorizationContext context)
{
    var principal = context.User;

    // Authenticated means: a principal exists, it has a primary identity, and
    // any one of its identities is flagged as authenticated.
    var hasAuthenticatedIdentity =
        principal?.Identity != null && principal.Identities.Any(identity => identity.IsAuthenticated);

    if (hasAuthenticatedIdentity)
    {
        return Task.CompletedTask;
    }

    context.ReportError("User is not authorized");
    return Task.CompletedTask;
}
/// <summary>
/// Checks every required policy against the authorization service and returns a
/// combined result listing each permission the user lacks.
/// </summary>
/// <param name="principal">The caller; null is replaced by a principal with an empty identity.</param>
/// <param name="userContext">Opaque user context stored on the authorization context.</param>
/// <param name="arguments">Input variables stored on the authorization context.</param>
/// <param name="requiredPolicies">Policy names to check; null is treated as no policies.</param>
/// <returns>Success when no check failed, otherwise a failure carrying all collected errors.</returns>
public async Task<AuthorizationResult> Evaluate(
    ClaimsPrincipal principal,
    object userContext,
    IDictionary<string, object> arguments,
    IEnumerable<string> requiredPolicies)
{
    var context = new AuthorizationContext
    {
        // A null caller is evaluated as an identity-less principal, so the
        // authorization service always receives a non-null user.
        User = principal ?? new ClaimsPrincipal(new ClaimsIdentity()),
        UserContext = userContext,
        InputVariables = arguments
    };

    // Snapshot the policy names once; a null sequence means nothing to check.
    var policyNames = requiredPolicies?.ToList() ?? new List<string>();

    foreach (var policyName in policyNames)
    {
        var requirement = new PermissionAuthorizationRequirement(policyName);
        var outcome = await _authorizationService.AuthorizeAsync(context.User, null, requirement);

        // Keep going after a failure so the result lists every missing permission.
        // NOTE(review): the policy name is echoed in the error text - confirm that
        // permission names are acceptable to expose to the caller.
        if (!outcome.Succeeded)
        {
            context.ReportError($"User doesn't have the required permission '{policyName}'.");
        }
    }

    if (context.HasErrors)
    {
        return AuthorizationResult.Fail(context.Errors);
    }

    return AuthorizationResult.Success();
}
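/// <summary>
/// Reports an error unless one of the user's identities carries a client-id claim
/// whose value appears in the configured whitelist.
/// </summary>
/// <param name="context">Authorization context carrying the user and collecting errors.</param>
/// <returns>An already-completed task; the check itself is synchronous.</returns>
public Task Authorize(AuthorizationContext context)
{
    // NOTE(review): an unset or all-empty whitelist disables this check entirely
    // (fail-open). Confirm that a missing configuration value is meant to grant
    // access to sensitive data rather than deny it.
    if (_whitelistOfClientIds == null || _whitelistOfClientIds.All(string.IsNullOrEmpty))
    {
        return Task.CompletedTask; // only invoke if whitelist exists!
    }

    foreach (var identity in context.User.Identities)
    {
        foreach (var clientId in _whitelistOfClientIds)
        {
            // Skip blank entries in a partly filled whitelist: a null value makes
            // HasClaim throw, and an empty one would match a token whose client-id
            // claim is empty.
            if (string.IsNullOrEmpty(clientId))
            {
                continue;
            }

            if (identity.HasClaim(CLIENT_ID_CLAIM, clientId))
            {
                return Task.CompletedTask;
            }
        }
    }

    context.ReportError("The user does not have permission to view sensitive data.");
    return Task.CompletedTask;
}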