/// <summary>
/// Fallback scope finder, used when no custom finder has been supplied.
/// Collects the values of every claim of type "Scope" on the user.
/// </summary>
/// <param name="context">The scope finder context carrying the user whose claims are inspected.</param>
/// <returns>
/// A completed task holding the claim values, or an empty sequence when the
/// context has no user.
/// </returns>
private Task<IEnumerable<string>> DefaultFindScopes(ScopeFinderContext context)
{
    var scopeClaims = context.User?.FindAll("Scope");

    // No user on the context: report no scopes at all.
    if (scopeClaims == null)
    {
        return Task.FromResult(Enumerable.Empty<string>());
    }

    // Each claim value is passed through verbatim as one scope; a value that
    // packs several scopes into one delimited string is NOT split here.
    IEnumerable<string> scopeValues = scopeClaims.Select(claim => claim.Value);
    return Task.FromResult(scopeValues);
}
/// <summary>
/// Decides whether authorization should be granted, based on the scopes found for the current user.
/// </summary>
/// <param name="context">The authorization context.</param>
/// <param name="requirement">The <see cref="ODataAuthorizationScopesRequirement"/> defining the scopes required
/// for authorization to succeed.</param>
/// <returns>A task that completes once the requirement has been evaluated.</returns>
/// <remarks>
/// This handler only ever marks the requirement as succeeded. When the scopes are not
/// sufficient it returns without calling <c>context.Fail()</c>, leaving the requirement unmet.
/// </remarks>
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, ODataAuthorizationScopesRequirement requirement)
{
    var finderContext = new ScopeFinderContext(context.User);

    // A configured finder takes precedence; otherwise scopes are read from the user's "Scope" claims.
    var findScopes = _scopesFinder ?? DefaultFindScopes;
    var grantedScopes = await findScopes(finderContext).ConfigureAwait(false);

    // NOTE(review): the finder's result is passed to AllowsScopes unchecked. A custom finder that
    // returns null reaches the permission handler as null; confirm the handler denies in that case.
    if (!requirement.PermissionHandler.AllowsScopes(grantedScopes))
    {
        return;
    }

    context.Succeed(requirement);
}