/// <summary> /// Determines if a User is in an Ability /// /// Throws SecurityHttpException /// </summary> /// <param name="baseUrl">The base url of the api, will look similar to http://api-authorization.common.streamlinedb.dev/v1 </param> /// <param name="authorizationRequest">An object that holds the active directory id and abilities</param> /// <returns>True if the user is in the ability, false otherwise</returns> public static bool IsUserInAbility(string baseUrl, ActiveDirectoryBasedAuthorizationRequest authorizationRequest) { var isUserInAbility = false; if (!ValidateRequest(authorizationRequest)) { return(false); } var relativeUrl = "providers/activedirectory"; if (!baseUrl.Contains("/v1")) { relativeUrl += "v1/" + relativeUrl; } RequestUrl = new Uri(new Uri(baseUrl), relativeUrl); RequestUrl.MakeResourceRequest().Post(authorizationRequest, (exception, response) => { if (response != null) { isUserInAbility = response.StatusCode.IsSuccess(); } }); return(isUserInAbility); }
static bool ValidateRequest(ActiveDirectoryBasedAuthorizationRequest authorizationRequest) { if (!authorizationRequest.Abilities.Any()) { return(false); } if (authorizationRequest.ActiveDirectoryId == Guid.Empty) { return(false); } return(true); }
/// <summary> /// Determines if a User is in an Ability /// /// Throws SecurityHttpException /// </summary> /// <param name="baseUrl">The base url of the api, will look similar to http://api-authorization.common.streamlinedb.dev/v1 </param> /// <param name="activeDirectoryId">Active Directory GUID</param> /// <param name="abilities">An ability to validate against. (This is the 'Name' of the ability)</param> /// <returns>True if the user is in the ability, false otherwise</returns> public static bool IsUserInAbility(string baseUrl, Guid activeDirectoryId, IEnumerable <string> abilities) { var request = new ActiveDirectoryBasedAuthorizationRequest(activeDirectoryId, abilities); return(IsUserInAbility(baseUrl, request)); }