// Override method
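        /// <summary>
        /// MVC authorization hook. Access is granted only when the current principal is a
        /// <see cref="ClaimsPrincipal"/> carrying a claim whose type contains <c>ClaimType</c>
        /// and whose value equals <c>ClaimValue</c> (both case-insensitive); the request is
        /// then handed to the base <c>AuthorizeAttribute</c> for its own Users/Roles checks.
        /// Anything else is routed to <c>HandleUnauthorizedRequest</c>.
        /// </summary>
        /// <param name="filterContext">Authorization context of the request being filtered.</param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            var user = filterContext.HttpContext.User as ClaimsPrincipal;

            // Fail closed instead of crashing: the original dereferenced `user` unconditionally,
            // so a missing or non-claims principal produced a NullReferenceException (HTTP 500)
            // rather than an unauthorized response. A null ClaimValue would likewise throw, and an
            // empty ClaimType would make every claim a candidate, so both are treated as
            // misconfiguration and denied.
            if (user == null || string.IsNullOrEmpty(ClaimType) || ClaimValue == null)
            {
                base.HandleUnauthorizedRequest(filterContext);
                return;
            }

            // Ordinal, case-insensitive comparisons. ToLower() is culture-sensitive (e.g. the
            // Turkish dotless/dotted "I"), which is not acceptable in an authorization decision.
            // NOTE(review): the type test is deliberately a substring match, as in the original,
            // so that a short name such as "role" also matches the full claim-type URI; be aware
            // this also accepts any claim type that merely contains ClaimType.
            var matchedClaim = user.Claims.Any(c =>
                c.Type.IndexOf(ClaimType, StringComparison.OrdinalIgnoreCase) >= 0 &&
                string.Equals(c.Value, ClaimValue, StringComparison.OrdinalIgnoreCase));

            if (matchedClaim)
            {
                // Claim requirement satisfied; the base attribute still applies its own checks.
                base.OnAuthorization(filterContext);
            }
            else
            {
                base.HandleUnauthorizedRequest(filterContext);
            }
        }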
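        /// <summary>
        /// Web API authorization hook. Requests marked <c>[AllowAnonymous]</c> (on the action or
        /// the controller) pass through. Otherwise the caller must be an authenticated
        /// <see cref="ClaimsPrincipal"/>, must not appear in <c>UserConfig.GetLoggedOutUser()</c>
        /// (looked up by its "user" claim), and must hold a claim of type <c>ClaimType</c> whose
        /// value equals <c>ClaimValue</c> (case-insensitive). On failure a 401 response is set on
        /// <paramref name="actionContext"/>.
        /// </summary>
        /// <param name="actionContext">Action context of the request; its Response is set on denial.</param>
        /// <param name="cancellationToken">Not consulted — every check here is synchronous.</param>
        /// <returns>A completed task; the outcome is carried by <c>actionContext.Response</c>.</returns>
        public override Task OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
        {
            // [AllowAnonymous] short-circuits every check below.
            if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any() ||
                actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
            {
                return Task.FromResult<object>(null);
            }

            var principal = actionContext.RequestContext.Principal as ClaimsPrincipal;

            // A missing or non-claims principal is treated as unauthenticated. The original
            // dereferenced it unconditionally and would throw (HTTP 500) instead of denying.
            if (principal == null || principal.Identity == null || !principal.Identity.IsAuthenticated)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
                return Task.FromResult<object>(null);
            }

            // Server-side logout list: a still-valid credential whose user has logged out is
            // rejected. FindFirst returns null when no "user" claim is present; the original
            // dereferenced the result unconditionally, so that case is now denied rather than crashing.
            var userClaim = principal.FindFirst(e => e.Type == "user");
            if (userClaim == null || UserConfig.GetLoggedOutUser().Contains(userClaim.Value))
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
                return Task.FromResult<object>(null);
            }

            // SECURITY FIX: the original tested ClaimValue.Contains(e.Value) — whether the
            // *required* value contained the *presented* value. Any claim whose value was a
            // substring of ClaimValue (the empty string, or a single matching letter such as "a"
            // against "admin") was therefore accepted: an authorization bypass. The value must
            // match exactly. Ordinal comparison also avoids the culture-sensitive ToLower()
            // pitfalls (Turkish "I"). A null ClaimType/ClaimValue can never be satisfied and denies.
            var hasRequiredClaim = ClaimType != null && ClaimValue != null && principal.HasClaim(e =>
                string.Equals(e.Type, ClaimType, StringComparison.OrdinalIgnoreCase) &&
                string.Equals(e.Value, ClaimValue, StringComparison.OrdinalIgnoreCase));

            if (!hasRequiredClaim)
            {
                // NOTE(review): 403 Forbidden would describe an authenticated-but-unauthorized
                // caller more accurately; 401 is kept to preserve the existing client contract.
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
                return Task.FromResult<object>(null);
            }

            return Task.FromResult<object>(null);
        }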
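        /// <summary>
        /// Web API authorization hook. Requests marked <c>[AllowAnonymous]</c> (on the action or
        /// the controller) pass through. Otherwise the caller must be an authenticated
        /// <see cref="ClaimsPrincipal"/>, must not appear in <c>UserConfig.GetLoggedOutUsers()</c>
        /// (looked up by its "user" claim), and must hold a claim whose type contains
        /// <c>ClaimType</c> and whose value equals <c>ClaimValue</c> (case-insensitive).
        /// On failure a 401 response is set on <paramref name="actionContext"/>.
        /// </summary>
        /// <param name="actionContext">Action context of the request; its Response is set on denial.</param>
        /// <param name="cancellationToken">Not consulted — every check here is synchronous.</param>
        /// <returns>A completed task; the outcome is carried by <c>actionContext.Response</c>.</returns>
        public override Task OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
        {
            // [AllowAnonymous] short-circuits every check below.
            if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any() ||
                actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
            {
                return Task.FromResult<object>(null);
            }

            var principal = actionContext.RequestContext.Principal as ClaimsPrincipal;

            // A missing or non-claims principal is treated as unauthenticated. The original
            // dereferenced it unconditionally and would throw (HTTP 500) instead of denying.
            if (principal == null || principal.Identity == null || !principal.Identity.IsAuthenticated)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
                return Task.FromResult<object>(null);
            }

            // Server-side logout list: a still-valid credential whose user has logged out is
            // rejected. FindFirst returns null when no "user" claim is present; the original
            // dereferenced the result unconditionally, so that case is now denied rather than crashing.
            var userClaim = principal.FindFirst(e => e.Type == "user");
            if (userClaim == null || UserConfig.GetLoggedOutUsers().Contains(userClaim.Value))
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
                return Task.FromResult<object>(null);
            }

            // Is there a claim of the required type (e.g. "user" or "role") with exactly the
            // required value? Ordinal comparison replaces the culture-sensitive ToLower() calls
            // (Turkish "I" problem). A null ClaimValue would have thrown; an empty ClaimType would
            // make every claim type a candidate — both are treated as misconfiguration and denied.
            // NOTE(review): the type test is a substring match, kept from the original so that a
            // short name like "role" also matches the full claim-type URI; it will equally accept
            // any claim type that merely contains ClaimType.
            var hasRequiredClaim = !string.IsNullOrEmpty(ClaimType) && ClaimValue != null && principal.HasClaim(e =>
                e.Type.IndexOf(ClaimType, StringComparison.OrdinalIgnoreCase) >= 0 &&
                string.Equals(e.Value, ClaimValue, StringComparison.OrdinalIgnoreCase));

            if (!hasRequiredClaim)
            {
                // NOTE(review): 403 Forbidden would describe an authenticated-but-unauthorized
                // caller more accurately; 401 is kept to preserve the existing client contract.
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
                return Task.FromResult<object>(null);
            }

            return Task.FromResult<object>(null);
        }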
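        /// <summary>
        /// Initializes the creation/update timestamps and, when the claim type is the short name
        /// "role", fills in the standard WS-Federation role claim URI.
        /// </summary>
        /// <remarks>
        /// NOTE(review): object-initializer assignments run *after* this constructor body, so the
        /// "role" check only has an effect if ClaimType already holds a value at construction time
        /// (e.g. a property default). Confirm against how callers populate ClaimType.
        /// </remarks>
        public CustomClaim()
        {
            // NOTE(review): local time, as in the original. If these values are persisted or
            // compared across time zones, DateTime.UtcNow would be the safer choice; left
            // unchanged so existing stored values keep their meaning.
            DateCreated = DateTime.Now;
            DateUpdated = DateCreated;

            // Null-safe, culture-independent comparison: the original's ClaimType.ToLower() threw
            // on a null ClaimType and is culture-sensitive (Turkish "I" problem).
            if (string.Equals(ClaimType, "role", StringComparison.OrdinalIgnoreCase))
            {
                // Same literal as System.Security.Claims.ClaimTypes.Role.
                ClaimTypeUri = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role";
            }
        }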