public Task ApplyingAsync(AuthorizationPolicyContext context)
{
if (ApplyingAsyncAction != null)
{
ApplyingAsyncAction(context);
}
return Task.FromResult(0);
}
public async Task <bool> AuthorizeAsync(IEnumerable <Claim> claims, ClaimsPrincipal user, object resource)
{
var context = new AuthorizationPolicyContext(claims, user, resource);
foreach (var policy in _policies)
{
await policy.ApplyingAsync(context);
}
// we only apply the policies for a limited number of times to prevent
// infinite loops
int retries;
for (retries = 0; retries < MaxRetries; retries++)
{
// we don't need to check for owned claims if the permission is already granted
if (!context.Authorized)
{
if (context.User != null)
{
if (ClaimsMatch(context.Claims, context.UserClaims))
{
context.Authorized = true;
}
}
}
// reset the retry flag
context.Retry = false;
// give a chance for policies to change claims or the grant
foreach (var policy in _policies)
{
await policy.ApplyAsync(context);
}
// if no policies have changed the context, stop checking
if (!context.Retry)
{
break;
}
}
if (retries == MaxRetries)
{
throw new InvalidOperationException("Too many authorization retries.");
}
foreach (var policy in _policies)
{
await policy.AppliedAsync(context);
}
return(context.Authorized);
}
public async Task<bool> AuthorizeAsync(IEnumerable<Claim> claims, ClaimsPrincipal user, object resource)
{
var context = new AuthorizationPolicyContext(claims, user, resource);
foreach (var policy in _policies)
{
await policy.ApplyingAsync(context);
}
// we only apply the policies for a limited number of times to prevent
// infinite loops
int retries;
for (retries = 0; retries < MaxRetries; retries++)
{
// we don't need to check for owned claims if the permission is already granted
if (!context.Authorized)
{
if (context.User != null)
{
if (ClaimsMatch(context.Claims, context.UserClaims))
{
context.Authorized = true;
}
}
}
// reset the retry flag
context.Retry = false;
// give a chance for policies to change claims or the grant
foreach (var policy in _policies)
{
await policy.ApplyAsync(context);
}
// if no policies have changed the context, stop checking
if (!context.Retry)
{
break;
}
}
if (retries == MaxRetries)
{
throw new InvalidOperationException("Too many authorization retries.");
}
foreach (var policy in _policies)
{
await policy.AppliedAsync(context);
}
return context.Authorized;
}
public virtual Task AppliedAsync(AuthorizationPolicyContext context)
{
return(Task.FromResult(0));
}
public virtual Task ApplyingAsync(AuthorizationPolicyContext context)
{
return Task.FromResult(0);
}