public void OnProvidersExecuting_IgnoresAttributesOnHandlerMethods() { // Arrange var policyProvider = new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())); var authorizationProvider = new AuthorizationPageApplicationModelProvider(policyProvider, OptionsWithoutEndpointRouting); var typeInfo = typeof(PageWithAuthorizeHandlers).GetTypeInfo(); var context = GetApplicationProviderContext(typeInfo); // Act authorizationProvider.OnProvidersExecuting(context); // Assert Assert.Collection( context.PageApplicationModel.Filters, f => Assert.IsType <PageHandlerPageFilter>(f), f => Assert.IsType <HandleOptionsRequestsPageFilter>(f)); }
public void OnProvidersExecuting_AddsAuthorizeFilter_IfModelHasAuthorizationAttributes() { // Arrange var policyProvider = new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())); var authorizationProvider = new AuthorizationPageApplicationModelProvider(policyProvider); var context = GetApplicationProviderContext(typeof(TestPage).GetTypeInfo()); // Act authorizationProvider.OnProvidersExecuting(context); // Assert Assert.Collection( context.PageApplicationModel.Filters, f => Assert.IsType <PageHandlerPageFilter>(f), f => Assert.IsType <HandleOptionsRequestsPageFilter>(f), f => Assert.IsType <AuthorizeFilter>(f)); }
public void OnProvidersExecuting_AddsAllowAnonymousFilter() { // Arrange var policyProvider = new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())); var authorizationProvider = new AuthorizationPageApplicationModelProvider(policyProvider, OptionsWithoutEndpointRouting); var context = GetApplicationProviderContext(typeof(PageWithAnonymousModel).GetTypeInfo()); // Act authorizationProvider.OnProvidersExecuting(context); // Assert Assert.Collection( context.PageApplicationModel.Filters, f => Assert.IsType <PageHandlerPageFilter>(f), f => Assert.IsType <HandleOptionsRequestsPageFilter>(f), f => Assert.IsType <AllowAnonymousFilter>(f)); }
public void OnProvidersExecuting_DoesNothingWithEndpointRouting() { // Arrange var policyProvider = new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())); var authorizationProvider = new AuthorizationPageApplicationModelProvider(policyProvider, Options.Create(new MvcOptions())); var typeInfo = typeof(TestPage).GetTypeInfo(); var context = GetApplicationProviderContext(typeInfo); // Act authorizationProvider.OnProvidersExecuting(context); // Assert Assert.Collection( context.PageApplicationModel.Filters, f => Assert.IsType <PageHandlerPageFilter>(f), f => Assert.IsType <HandleOptionsRequestsPageFilter>(f)); }
public async Task CanReplaceDefaultPolicyDirectly() { // Arrange var attributes = new AuthorizeAttribute[] { new AuthorizeAttribute(), new AuthorizeAttribute(), }; var policies = new[] { new AuthorizationPolicyBuilder().RequireAssertion(_ => true).Build() }; var options = new AuthorizationOptions(); var provider = new DefaultAuthorizationPolicyProvider(Options.Create(options)); // Act var combined = await AuthorizationPolicy.CombineAsync(provider, attributes, policies); // Assert Assert.Equal(1, combined.Requirements.Count); Assert.Empty(combined.Requirements.OfType <DenyAnonymousAuthorizationRequirement>()); }
public async Task CombineMustIgnoreEmptyAuthenticationScheme() { // Arrange var attributes = new AuthorizeAttribute[] { new AuthorizeAttribute() { AuthenticationSchemes = "a1 , , ,,, a2" } }; var options = new AuthorizationOptions(); var provider = new DefaultAuthorizationPolicyProvider(Options.Create(options)); // Act var combined = await AuthorizationPolicy.CombineAsync(provider, attributes); // Assert Assert.Equal(2, combined.AuthenticationSchemes.Count()); Assert.Contains(combined.AuthenticationSchemes, a => a.Equals("a1")); Assert.Contains(combined.AuthenticationSchemes, a => a.Equals("a2")); }
public void OnProvidersExecuting_CollatesAttributesFromInheritedTypes() { // Arrange var options = new TestOptionsManager <AuthorizationOptions>(); options.Value.AddPolicy("Base", policy => policy.RequireClaim("Basic").RequireClaim("Basic2")); options.Value.AddPolicy("Derived", policy => policy.RequireClaim("Derived")); var policyProvider = new DefaultAuthorizationPolicyProvider(options); var autorizationProvider = new AuthorizationPageApplicationModelProvider(policyProvider); var context = GetApplicationProviderContext(typeof(TestPageWithDerivedModel).GetTypeInfo()); // Act autorizationProvider.OnProvidersExecuting(context); // Assert var authorizeFilter = Assert.IsType <AuthorizeFilter>(Assert.Single(context.PageApplicationModel.Filters)); // Basic + Basic2 + Derived authorize Assert.Equal(3, authorizeFilter.Policy.Requirements.Count); }
public async Task CombineMustIgnoreEmptyRoles() { // Arrange var attributes = new AuthorizeAttribute[] { new AuthorizeAttribute() { Roles = "r1 , ,, , r2" } }; var options = new AuthorizationOptions(); var provider = new DefaultAuthorizationPolicyProvider(Options.Create(options)); // Act var combined = await AuthorizationPolicy.CombineAsync(provider, attributes); // Assert Assert.Contains(combined.Requirements, r => r is RolesAuthorizationRequirement); var rolesAuthorizationRequirement = combined.Requirements.OfType <RolesAuthorizationRequirement>().First(); Assert.Equal(2, rolesAuthorizationRequirement.AllowedRoles.Count()); Assert.Contains(rolesAuthorizationRequirement.AllowedRoles, r => r.Equals("r1")); Assert.Contains(rolesAuthorizationRequirement.AllowedRoles, r => r.Equals("r2")); }
public AbpApplicationConfigurationAppService( IOptions <AbpLocalizationOptions> localizationOptions, IOptions <AbpMultiTenancyOptions> multiTenancyOptions, IServiceProvider serviceProvider, IAbpAuthorizationPolicyProvider abpAuthorizationPolicyProvider, IPermissionDefinitionManager permissionDefinitionManager, DefaultAuthorizationPolicyProvider defaultAuthorizationPolicyProvider, IPermissionChecker permissionChecker, IAuthorizationService authorizationService, ICurrentUser currentUser, ISettingProvider settingProvider, ISettingDefinitionManager settingDefinitionManager, IFeatureDefinitionManager featureDefinitionManager, ILanguageProvider languageProvider, ITimezoneProvider timezoneProvider, IOptions <AbpClockOptions> abpClockOptions, ICachedObjectExtensionsDtoService cachedObjectExtensionsDtoService, IOptions <AbpApplicationConfigurationOptions> options) { _serviceProvider = serviceProvider; _abpAuthorizationPolicyProvider = abpAuthorizationPolicyProvider; _permissionDefinitionManager = permissionDefinitionManager; _defaultAuthorizationPolicyProvider = defaultAuthorizationPolicyProvider; _permissionChecker = permissionChecker; _authorizationService = authorizationService; _currentUser = currentUser; _settingProvider = settingProvider; _settingDefinitionManager = settingDefinitionManager; _featureDefinitionManager = featureDefinitionManager; _languageProvider = languageProvider; _timezoneProvider = timezoneProvider; _abpClockOptions = abpClockOptions.Value; _cachedObjectExtensionsDtoService = cachedObjectExtensionsDtoService; _options = options.Value; _localizationOptions = localizationOptions.Value; _multiTenancyOptions = multiTenancyOptions.Value; }
public async Task CanCombineAuthorizeAttributes() { // Arrange var attributes = new AuthorizeAttribute[] { new AuthorizeAttribute(), new AuthorizeAttribute("1") { AuthenticationSchemes = "dupe" }, new AuthorizeAttribute("2") { AuthenticationSchemes = "dupe" }, new AuthorizeAttribute { Roles = "r1,r2", AuthenticationSchemes = "roles" }, }; var options = new AuthorizationOptions(); options.AddPolicy("1", policy => policy.RequireClaim("1")); options.AddPolicy("2", policy => policy.RequireClaim("2")); var provider = new DefaultAuthorizationPolicyProvider(Options.Create(options)); // Act var combined = await AuthorizationPolicy.CombineAsync(provider, attributes); // Assert Assert.Equal(2, combined.AuthenticationSchemes.Count()); Assert.Contains("dupe", combined.AuthenticationSchemes); Assert.Contains("roles", combined.AuthenticationSchemes); Assert.Equal(4, combined.Requirements.Count()); Assert.Contains(combined.Requirements, r => r is DenyAnonymousAuthorizationRequirement); Assert.Equal(2, combined.Requirements.OfType <ClaimsAuthorizationRequirement>().Count()); Assert.Single(combined.Requirements.OfType <RolesAuthorizationRequirement>()); }
public void Configuration(IAppBuilder app) { app.UseErrorPage(); app.Use(AddEmployeeClaimBeforeAuthorizationCheck); var config = new HttpConfiguration(); WebApiConfig.Register(config); app.UseAuthorization(options => { options.AddPolicy(ExampleConstants.EmployeeNumber2Policy, policyBuilder => { policyBuilder.AddRequirements(new EmployeeNumber2Requirement()); }); var policyProvider = new DefaultAuthorizationPolicyProvider(options); var handlers = new IAuthorizationHandler[] { new EmployeeNumber2Handler() }; var logger = app.CreateLogger("my logger"); options.Dependencies.Service = new DefaultAuthorizationService(policyProvider, handlers, logger); }); app.UseWebApi(config); }
public GoogleScopedPolicyProvider(GoogleAuthenticationSchemeProvider scheme, IOptions <AuthorizationOptions> options) { _scheme = scheme.Scheme; _default = new DefaultAuthorizationPolicyProvider(options); }
public LimfxPolicyProvider(IOptions <AuthorizationOptions> options) { // ASP.NET Core only uses one authorization policy provider, so if the custom implementation // doesn't handle all policies it should fall back to an alternate provider. BackupPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public DynamicClaimPolicyProvider(IOptions <AuthorizationOptions> options) { _options = options.Value; FallbackPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public OperationTypePolicyProvider(IOperaionTypeAuthoriztion permissions, IOptions <AuthorizationOptions> options, ILogger logger) { _permissions = permissions; FallbackPolicyProvider = new DefaultAuthorizationPolicyProvider(options); _logger = logger; }
/// <summary> /// Initializes a new instance of the <see cref="PermissionsPolicyProvider"/> class. /// </summary> /// <param name="options">The options.</param> public PermissionsPolicyProvider(IOptions <AuthorizationOptions> options) { this.FallbackPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public LogicalOrPolicyProvider(IOptions <AuthorizationOptions> options) { _authZOpts = options.Value; FallbackPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public AppPolicyProvider(IOptions <AuthorizationOptions> options, IConfiguration configuration) { _defaultAuthorizationPolicyProvider = new DefaultAuthorizationPolicyProvider(options); _configuration = configuration; }
/// <summary> /// Constructs the policy provider and sets the default fallback provider configured with the options provided to the DI container. /// Do not instantiate this manually. This class must be registered as a singleton in the ASP NET DI container /// </summary> /// <param name="options"></param> public RequiresPermissionPolicyProvider(IOptions <AuthorizationOptions> options) { FallbackPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public CustomRBACPolicyProvider(IConfiguration configuration, IOptions <AuthorizationOptions> options) { _configuration = configuration; FallbackPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public CustomAuthPolicyProvider(IOptions <AuthorizationOptions> options) { //Initializing default policy provider. FallbackPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public KeycloakAuthorizationPolicyProvider(IOptions <KeycloakAuthorizationOptions> options, IOptions <AuthorizationOptions> authorizationOptions) { _options = options; _authorizationOptions = authorizationOptions; _fallbackPolicyProvider = new DefaultAuthorizationPolicyProvider(_authorizationOptions); }
public void Setup() { _policyProvider = new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())); }
public CustomPolicyProvider(IOptions <AuthorizationOptions> options) { BackupPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public RoleAuthorizationPolicyProvider(ILoggerFactory loggerFactory, IOptions <AuthorizationOptions> authorizationOptions) { _defaultAuthorizationPolicyProvider = new DefaultAuthorizationPolicyProvider(authorizationOptions); _logger = loggerFactory.CreateLogger <RoleAuthorizationPolicyProvider>(); }
public MinimumAgePolicyProvider(IOptions <AuthorizationOptions> options) { BackupPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public PermissionPolicy(IOptions <AuthorizationOptions> options) { defaultPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public LoginRequiredPolicyProvider(IOptions <AuthorizationOptions> options) { //save default provider options if needed FallbackPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public PolicyProvider(IOptions <AuthorizationOptions> options) { FallbackPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }
public MinimumTimeSpendPolicy(IOptions <AuthorizationOptions> options) { defaultPolicyProvider = new DefaultAuthorizationPolicyProvider(options); }