예제 #1
0
        public async Task <IActionResult> Secure()
        {
            var result = await _client.EvaluateAsync(User);

            return(View(result));

            //return View();
        }
 public static void MapUserPermissions(this IEndpointRouteBuilder builder, string path)
 {
     builder.MapGet(path, async ctx =>
     {
         _policyClient ??= ctx.RequestServices.GetService <IPolicyServerRuntimeClient>();
         var result = await _policyClient.EvaluateAsync(ctx.User);
         var text   = JsonConvert.SerializeObject(result, _jsonSerializerSettings);
         ctx.Response.ContentType = MediaTypeNames.Application.Json;
         await ctx.Response.WriteAsync(text);
     }).RequireAuthorization();
 }
        public async Task <IActionResult> GetPermissions()
        {
            logger.LogInformation("Retrieving authorization permissions for user.");
            var authProperties = await policyClient.EvaluateAsync(User);

            AuthorizationModel responseModel = new AuthorizationModel()
            {
                Permissions = authProperties.Permissions.ToList()
            };
            var permissionsPrefix = configuration.GetSection("PolicyServer").GetValue <string>("BasePolicyPrefix");

            responseModel.Permissions = responseModel.Permissions.Select(p => $"{permissionsPrefix}.{p}").ToList();
            return(Ok(responseModel));
        }
예제 #4
0
    /// <summary>
    /// Invoke
    /// </summary>
    /// <param name="context">The context.</param>
    /// <param name="client">The client.</param>
    /// <returns></returns>
    public async Task Invoke(HttpContext context, IPolicyServerRuntimeClient client)
    {
        if (context.User.Identity.IsAuthenticated)
        {
            var policy = await client.EvaluateAsync(context.User);

            var roleClaims       = policy.Roles.Select(x => new Claim("role", x));
            var permissionClaims = policy.Permissions.Select(x => new Claim("permission", x));
            var id = new ClaimsIdentity("PolicyServerMiddleware", "name", "role");
            id.AddClaims(roleClaims);
            id.AddClaims(permissionClaims);
            context.User.AddIdentity(id);
        }
        await _next(context);
    }