protected async Task HandleRequirementAsync(AuthorizationHandlerContext context, ResourceIdRequirement requirement) { var accesibleResources = context.User.FindFirstValue($"{Constants.RESOURCE_ID_CLAIM_TYPE}:{requirement.PolicyName}"); var _accesibleResources = string.IsNullOrEmpty(accesibleResources) ? new string[0] : accesibleResources.Split(','); bool succeeded = false; if (await _resourceIdProvider.IsSpecificResourceId()) { succeeded = _accesibleResources.Contains((await _resourceIdProvider.CurrentResourceId()).ToString()) || _accesibleResources.Contains(Constants.RESOURCE_ID_WILDCARD); } else { succeeded = _accesibleResources.Contains(Constants.RESOURCE_ID_WILDCARD); } if (succeeded) { context.Succeed(requirement); } }
protected async Task HandleRequirementAsync(AuthorizationHandlerContext context, ResourceIdRequirement requirement) { var resourceClaims = context.User.FindAll($"{Constants.RESOURCE_ID_CLAIM_TYPE}:{requirement.PolicyName}"); var tenantId = await _tenantIdProvider.CurrentTenantId(); var accessibleResources = new string[0]; foreach (var resourceClaim in resourceClaims) { var tenantResourceMapping = string.IsNullOrEmpty(resourceClaim.Value) ? new string[0] : resourceClaim.Value.Split('_'); if (tenantResourceMapping.Length == 2 && tenantResourceMapping[1].Equals(tenantId.ToString())) { accessibleResources = tenantResourceMapping[0].Split(','); break; } } bool succeeded = false; if (await _resourceIdProvider.IsSpecificResourceId()) { succeeded = accessibleResources.Contains((await _resourceIdProvider.CurrentResourceId()).ToString()) || accessibleResources.Contains(Constants.RESOURCE_ID_WILDCARD); } else { succeeded = accessibleResources.Contains(Constants.RESOURCE_ID_WILDCARD); } if (succeeded) { context.Succeed(requirement); } }