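// Override method
/// <summary>
/// Authorizes the request when the current user holds a claim whose type contains
/// <c>ClaimType</c> and whose value equals <c>ClaimValue</c>; any other request is
/// handed to <c>HandleUnauthorizedRequest</c>. Both comparisons are case-insensitive.
/// </summary>
/// <param name="filterContext">The MVC authorization context for the current request.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    // Get a reference to the user. A principal that is not a ClaimsPrincipal has no
    // claims to match, so it is rejected instead of dereferencing a null reference.
    var user = filterContext.HttpContext.User as ClaimsPrincipal;

    // An unset expected type or value is a configuration error; treat it as "no match"
    // (fail closed) rather than throwing or matching every claim type.
    var claimType = ClaimType;
    var claimValue = ClaimValue;
    if (user == null || string.IsNullOrEmpty(claimType) || claimValue == null)
    {
        // No, not authorized
        base.HandleUnauthorizedRequest(filterContext);
        return;
    }

    // Matches are case-insensitive. Ordinal comparison replaces ToLower() because
    // ToLower() is culture-sensitive (e.g. under a Turkish culture "I" does not
    // lower-case to "i"), which would make the authorization decision depend on the
    // server's culture rather than on the claim itself.
    // NOTE(review): the type check is a substring match, as in the original, so a
    // ClaimType of "role" also matches any longer claim type containing "role" —
    // confirm that is intended.
    var matchedClaim = user.Claims.Any(c =>
        c.Type.IndexOf(claimType, StringComparison.OrdinalIgnoreCase) >= 0
        && string.Equals(c.Value, claimValue, StringComparison.OrdinalIgnoreCase));

    if (matchedClaim)
    {
        // Yes, authorized: let the base attribute complete its own processing.
        base.OnAuthorization(filterContext);
    }
    else
    {
        // No, not authorized
        base.HandleUnauthorizedRequest(filterContext);
    }
}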
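/// <summary>
/// Web API authorization filter. Actions or controllers marked <c>[AllowAnonymous]</c> pass
/// through; every other request needs an authenticated <see cref="ClaimsPrincipal"/> whose
/// "user" claim is not in the logged-out list and which holds a claim of type
/// <c>ClaimType</c> with value <c>ClaimValue</c> (both compared case-insensitively).
/// On failure the response is set to 401 Unauthorized.
/// </summary>
/// <param name="actionContext">The Web API action context for the current request.</param>
/// <param name="cancellationToken">Unused; every path completes synchronously.</param>
/// <returns>A completed task.</returns>
/// <exception cref="ArgumentNullException"><paramref name="actionContext"/> is null.</exception>
public override Task OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
{
    if (actionContext == null)
    {
        throw new ArgumentNullException("actionContext");
    }

    // Every path completes synchronously; the same completed task is returned from each.
    var completed = Task.FromResult<object>(null);

    // [AllowAnonymous] on the action or on its controller bypasses all checks below.
    if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any()
        || actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
    {
        return completed;
    }

    // A principal that is not a ClaimsPrincipal (or no principal at all) cannot satisfy a
    // claim check, so it is rejected instead of dereferencing null; an unauthenticated
    // identity is rejected as before.
    var principal = actionContext.RequestContext.Principal as ClaimsPrincipal;
    if (principal == null || principal.Identity == null || !principal.Identity.IsAuthenticated)
    {
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
        return completed;
    }

    // Presumably a list of users who have logged out (per the helper's name) — a principal
    // without a "user" claim cannot be checked against it, so it is rejected (fail closed)
    // rather than throwing on a null FindFirst result.
    var userClaim = principal.FindFirst(e => e.Type == "user");
    if (userClaim == null || UserConfig.GetLoggedOutUser().Contains(userClaim.Value))
    {
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
        return completed;
    }

    // The required claim must match the configured type and value exactly (ordinal,
    // case-insensitive). The previous check was ClaimValue.Contains(e.Value), which accepted
    // any claim whose value was merely a substring of the expected value — including an empty
    // value — and used culture-sensitive ToLower(). An unset type or value never matches.
    // NOTE(review): an authenticated user lacking the claim is answered with 401 as before;
    // 403 Forbidden would describe that case more precisely — confirm before changing.
    var claimType = ClaimType;
    var claimValue = ClaimValue;
    var hasRequiredClaim = !string.IsNullOrEmpty(claimType)
        && claimValue != null
        && principal.HasClaim(e =>
            string.Equals(e.Type, claimType, StringComparison.OrdinalIgnoreCase)
            && string.Equals(e.Value, claimValue, StringComparison.OrdinalIgnoreCase));
    if (!hasRequiredClaim)
    {
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
        return completed;
    }

    return completed;
}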
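/// <summary>
/// Web API authorization filter. Actions or controllers marked <c>[AllowAnonymous]</c> pass
/// through; every other request needs an authenticated <see cref="ClaimsPrincipal"/> whose
/// "user" claim is not in the logged-out list and which holds a claim whose type contains
/// <c>ClaimType</c> and whose value equals <c>ClaimValue</c> (both case-insensitive).
/// On failure the response is set to 401 Unauthorized.
/// </summary>
/// <param name="actionContext">The Web API action context for the current request.</param>
/// <param name="cancellationToken">Unused; every path completes synchronously.</param>
/// <returns>A completed task.</returns>
/// <exception cref="ArgumentNullException"><paramref name="actionContext"/> is null.</exception>
public override Task OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
{
    if (actionContext == null)
    {
        throw new ArgumentNullException("actionContext");
    }

    // Every path completes synchronously; the same completed task is returned from each.
    var completed = Task.FromResult<object>(null);

    // [AllowAnonymous] on the action or on its controller bypasses all checks below.
    if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any()
        || actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
    {
        return completed;
    }

    // A principal that is not a ClaimsPrincipal (or no principal at all) cannot satisfy a
    // claim check, so it is rejected instead of dereferencing null.
    var principal = actionContext.RequestContext.Principal as ClaimsPrincipal;
    if (principal == null || principal.Identity == null || !principal.Identity.IsAuthenticated)
    {
        // This is where we intercept the request; the 401 response short-circuits the pipeline.
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
        // Return here to end the method.
        return completed;
    }

    // Presumably a list of users who have logged out (per the helper's name) — a principal
    // without a "user" claim cannot be checked against it, so it is rejected (fail closed)
    // rather than throwing on a null FindFirst result.
    var userClaim = principal.FindFirst(e => e.Type == "user");
    if (userClaim == null || UserConfig.GetLoggedOutUsers().Contains(userClaim.Value))
    {
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
        return completed;
    }

    // Is there a claim of the configured type (e.g. "user" or "role") and does its value match
    // (e.g. "admin")? The type check is a substring match, as in the original; the value must
    // match exactly. Ordinal comparison replaces ToLower(), which is culture-sensitive and would
    // make the decision depend on the server's culture. An unset type or value never matches.
    var claimType = ClaimType;
    var claimValue = ClaimValue;
    var hasRequiredClaim = !string.IsNullOrEmpty(claimType)
        && claimValue != null
        && principal.HasClaim(e =>
            e.Type.IndexOf(claimType, StringComparison.OrdinalIgnoreCase) >= 0
            && string.Equals(e.Value, claimValue, StringComparison.OrdinalIgnoreCase));
    if (!hasRequiredClaim)
    {
        // This is where we intercept the request; the 401 response short-circuits the pipeline.
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
        return completed;
    }

    return completed;
}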
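/// <summary>
/// Initializes a new claim with its creation and update timestamps set to the current time
/// and, when <c>ClaimType</c> is "role", sets <c>ClaimTypeUri</c> to the standard role claim URI.
/// </summary>
public CustomClaim()
{
    // NOTE(review): DateTime.Now is local server time; if these values are compared or
    // persisted across machines, DateTime.UtcNow would be the safer choice. Left unchanged so
    // already stored values stay consistent — confirm before switching.
    DateCreated = DateTime.Now;
    DateUpdated = DateCreated;

    // Help configure a property value with the official claim URI.
    // string.Equals tolerates a null ClaimType (nothing in this constructor assigns it, so it
    // may still be unset when this runs), where ClaimType.ToLower() would throw;
    // OrdinalIgnoreCase avoids culture-dependent casing.
    if (string.Equals(ClaimType, "role", StringComparison.OrdinalIgnoreCase))
    {
        // Same value as System.Security.Claims.ClaimTypes.Role.
        ClaimTypeUri = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role";
    }
}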