private static Task <AuthorizationPolicy> CombineWithOptionsAsync(AuthorizationOptions options, params Mock <IAuthorizeData>[] data)
{
var attributes = new IAuthorizeData[data.Length];
for (var i = 0; i < attributes.Length; i++)
{
attributes[i] = data[i].Object;
}
return(AuthorizationPolicy.CombineAsync(new DefaultAuthorizationPolicyProvider(options), attributes));
}
/// <summary>
/// Determines if a user is authorized.
/// </summary>
/// <param name="controller">The controller from which <see cref="AuthorizationOptions"/> may be obtained.</param>
/// <param name="user">The user to evaluate the authorize data against.</param>
/// <param name="authorizeAttribute">The <see cref="IAuthorizeData"/> to evaluate.</param>
/// <returns>
/// A flag indicating whether authorization has succeeded.
/// This value is <value>true</value> when the <paramref name="user"/> fulfills the <paramref name="authorizeAttribute"/>; otherwise <value>false</value>.
/// </returns>
/// <remarks>
/// If <paramref name="controller"/> is not null, it will be used to find <see cref="AuthorizationOptions"/> instead of the current <see cref="IOwinContext"/>.
/// </remarks>
public async Task <bool> IsAuthorizedAsync(IAuthorizationController controller, ClaimsPrincipal user, IAuthorizeData authorizeAttribute)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
if (authorizeAttribute == null)
{
throw new ArgumentNullException(nameof(authorizeAttribute));
}
var options = ResolveAuthorizationOptions(controller);
if (options == null)
{
throw new InvalidOperationException(Resources.Exception_AuthorizationOptionsMustNotBeNull);
}
var dependencies = options.Dependencies
?? new AuthorizationDependencies();
var policyProvider = dependencies.PolicyProvider
?? new DefaultAuthorizationPolicyProvider(options);
var authorizationService = dependencies.Service;
if (authorizationService == null)
{
var handlerProvider = new DefaultAuthorizationHandlerProvider(new PassThroughAuthorizationHandler());
var handlers = await handlerProvider.GetHandlersAsync();
var loggerFactory = dependencies.LoggerFactory
?? new DiagnosticsLoggerFactory();
authorizationService = new DefaultAuthorizationService(
policyProvider,
handlers,
loggerFactory.CreateDefaultLogger(),
new DefaultAuthorizationHandlerContextFactory(),
new DefaultAuthorizationEvaluator());
}
var policy = await AuthorizationPolicy.CombineAsync(policyProvider, new[] { authorizeAttribute });
return(await authorizationService.AuthorizeAsync(user, policy));
}
public async Task <bool> IsAuthorizedAsync(IAuthorizationController controller, ClaimsPrincipal user, IAuthorizeData authorizeAttribute)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
if (authorizeAttribute == null)
{
throw new ArgumentNullException(nameof(authorizeAttribute));
}
AuthorizationOptions options;
if (controller != null)
{
options = controller.AuthorizationOptions;
}
else
{
var owinContext = _owinContextAccessor.Context;
var helper = new AuthorizationDependencyHelper(owinContext);
options = helper.AuthorizationOptions;
}
if (options == null)
{
throw new InvalidOperationException("AuthorizationOptions must not be null. Your resource authorization may be set up incorrectly.");
}
if (options.Dependencies == null)
{
throw new InvalidOperationException("AuthorizationOptions.Dependencies must not be null");
}
var policyProvider = options.Dependencies.PolicyProvider ?? new DefaultAuthorizationPolicyProvider(options);
var authorizationService = GetAuthorizationService(options, policyProvider);
var policy = await AuthorizationPolicy.CombineAsync(policyProvider, new[] { authorizeAttribute });
return(await authorizationService.AuthorizeAsync(user, policy));
}
public async Task CombineShouldReturnNullWhenThereAreNoAttributes()
{
var policy = await AuthorizationPolicy.CombineAsync(new DefaultAuthorizationPolicyProvider(new AuthorizationOptions()), new IAuthorizeData[0]);
Assert.IsNull(policy, "policy != null");
}
public async Task CombineShouldThrowWhenAttributesIsNull()
{
await AuthorizationPolicy.CombineAsync(new DefaultAuthorizationPolicyProvider(new AuthorizationOptions()), null);
}
public async Task CombineShouldThrowWhenOptionsIsNull()
{
await AuthorizationPolicy.CombineAsync(null, new IAuthorizeData[0]);
}