public async Task Invoke(HttpContext context) { _logger.LogDebug("started authorisation"); if (DownstreamRoute.ReRoute.IsAuthorised) { _logger.LogDebug("route is authorised"); var authorised = _authoriser.Authorise(context.User, DownstreamRoute.ReRoute.RouteClaimsRequirement); if (authorised.IsError) { _logger.LogDebug("error authorising user"); SetPipelineError(authorised.Errors); return; } if (IsAuthorised(authorised)) { _logger.LogDebug("user is authorised calling next middleware"); await _next.Invoke(context); _logger.LogDebug("succesfully called next middleware"); } else { _logger.LogDebug("user is not authorised setting pipeline error"); SetPipelineError(new List <Error> { new UnauthorisedError( $"{context.User.Identity.Name} unable to access {DownstreamRoute.ReRoute.UpstreamPathTemplate.Value}") }); } } else { _logger.LogDebug("AuthorisationMiddleware.Invoke route is not authorised calling next middleware"); await _next.Invoke(context); _logger.LogDebug("succesfully called next middleware"); } }