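/// <summary>
/// Authorization filter entry point. Runs the base filter first; if it already challenged or
/// forbade, that result stands. Otherwise, unless the endpoint allows anonymous access, an
/// authenticated user is required and <c>AuthorizationManager</c> decides whether the current
/// controller/action/area may be invoked with the user's claims.
/// </summary>
/// <param name="context">Filter context of the current request; <c>context.Result</c> is set to
/// a <see cref="ChallengeResult"/> or <see cref="ForbidResult"/> when access is denied and left
/// untouched when it is granted.</param>
/// <returns>A task that completes once the authorization decision has been applied to
/// <paramref name="context"/>.</returns>
public override async Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
    // Await the base filter before inspecting context.Result. The previous version started the
    // task without awaiting it, so the Challenge/Forbid check below could run before the base
    // filter had written its result, and any exception it threw was never observed.
    await base.OnAuthorizationAsync(context).ConfigureAwait(false);
    if (context.Result is ChallengeResult || context.Result is ForbidResult)
    {
        return;
    }

    if (HasAllowAnonymous(context)) // allow anonymous access
    {
        return;
    }

    bool isAuthenticated = context.HttpContext.User?.Identity?.IsAuthenticated ?? false;
    if (!isAuthenticated)
    {
        context.Result = new ChallengeResult();
        return;
    }

    var verifyResult = await AuthorizationManager.AuthorizeAsync(new AuthorizeOptions()
    {
        Controller = context.RouteData.Values["controller"]?.ToString() ?? string.Empty,
        Action = context.RouteData.Values["action"]?.ToString() ?? string.Empty,
        Area = context.RouteData.Values["area"]?.ToString() ?? string.Empty,
        Application = ApplicationManager.Current,
        Method = context.HttpContext.Request?.Method,
        // A principal frequently carries several claims of the same type (e.g. more than one
        // role claim). A plain ToDictionary throws ArgumentException on the duplicate key and
        // turns the authorization decision into an unhandled exception. Claims is a
        // Dictionary<string, string>, so only the first value per claim type can be forwarded;
        // the remaining values of that type are not visible to AuthorizationManager.
        Claims = context.HttpContext.User?.Claims?
            .GroupBy(c => c.Type)
            .ToDictionary(g => g.Key, g => g.First().Value)
            ?? new Dictionary<string, string>(0)
    }).ConfigureAwait(false);

    switch (verifyResult.Status)
    {
        case AuthorizationStatus.Success:
            break;
        case AuthorizationStatus.Challenge:
            context.Result = new ChallengeResult();
            break;
        case AuthorizationStatus.Forbid:
        default:
            // Any status this filter does not recognise is treated as a denial (fail closed).
            context.Result = new ForbidResult();
            break;
    }
}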
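/// <summary>
/// Authorization filter entry point. Optionally runs the base filter (skipped when
/// <c>AuthorizationManager.IngoreDefaultAuthorize</c> is set), honours <c>[AllowAnonymous]</c>,
/// requires an authenticated user unless <c>AuthorizationManager.IngoreAuthentication</c> is set,
/// and then asks <c>AuthorizationManager</c> to authorize the current route. A denial is turned
/// into a challenge, a forbid, or one of the redirect results the manager requested.
/// </summary>
/// <param name="context">Filter context of the current request; <c>context.Result</c> receives
/// the denial result, or is left as it was when access is granted.</param>
/// <returns>A task that completes once the authorization decision has been applied to
/// <paramref name="context"/>.</returns>
public override async Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
    if (!AuthorizationManager.IngoreDefaultAuthorize)
    {
        // Keep whatever result an earlier filter produced so that the base filter's result can
        // be rolled back when it neither challenged nor forbade.
        var originalResult = context.Result;
        await base.OnAuthorizationAsync(context).ConfigureAwait(false);

        // A base ChallengeResult only counts when authentication is enforced; a ForbidResult
        // always counts.
        bool baseDenied = (context.Result is ChallengeResult && !AuthorizationManager.IngoreAuthentication)
            || context.Result is ForbidResult;
        if (baseDenied)
        {
            return;
        }

        context.Result = originalResult;
    }

    if (HasAllowAnonymous(context)) // allow anonymous access
    {
        return;
    }

    bool isAuthenticated = context.HttpContext.User?.Identity?.IsAuthenticated ?? false;
    if (!isAuthenticated && !AuthorizationManager.IngoreAuthentication)
    {
        context.Result = new ChallengeResult();
        return;
    }

    var verifyResult = await AuthorizationManager.AuthorizeAsync(new AuthorizeOptions()
    {
        Controller = context.RouteData.Values[WebConstants.Route.Controller]?.ToString() ?? string.Empty,
        Action = context.RouteData.Values[WebConstants.Route.Action]?.ToString() ?? string.Empty,
        Area = context.RouteData.Values[WebConstants.Route.Area]?.ToString() ?? string.Empty,
        Application = ApplicationManager.Current,
        Method = context.HttpContext.Request?.Method,
        // A principal frequently carries several claims of the same type (e.g. more than one
        // role claim). A plain ToDictionary throws ArgumentException on the duplicate key and
        // turns the authorization decision into an unhandled exception. Claims is a
        // Dictionary<string, string>, so only the first value per claim type can be forwarded;
        // the remaining values of that type are not visible to AuthorizationManager.
        Claims = context.HttpContext.User?.Claims?
            .GroupBy(c => c.Type)
            .ToDictionary(g => g.Key, g => g.First().Value)
            ?? new Dictionary<string, string>(0),
        ActionContext = context
    }).ConfigureAwait(false);

    if (verifyResult.AllowAccess)
    {
        return;
    }

    // From here on access has been denied. Every path below must leave a non-null
    // context.Result, otherwise the pipeline continues into the action as if the check passed.
    if (verifyResult.RedirectType == AuthorizeRedirectType.Default)
    {
        switch (verifyResult.Status)
        {
            case AuthorizationStatus.Success:
                // NOTE(review): AllowAccess == false combined with Status == Success leaves
                // context.Result untouched and the request proceeds; confirm AuthorizationManager
                // never returns that combination.
                break;
            case AuthorizationStatus.Challenge:
                context.Result = new ChallengeResult();
                break;
            case AuthorizationStatus.Forbid:
            default:
                // Unrecognised statuses fail closed.
                context.Result = new ForbidResult();
                break;
        }
        return;
    }

    switch (verifyResult.RedirectType)
    {
        case AuthorizeRedirectType.RedirectToAction:
            context.Result = new RedirectToActionResult(verifyResult.Action, verifyResult.Controller, verifyResult.RouteValues);
            break;
        case AuthorizeRedirectType.RedirectToRoute:
            context.Result = new RedirectToRouteResult(verifyResult.RouteValues);
            break;
        case AuthorizeRedirectType.RedirectToUrl:
            // RedirectResult/LocalRedirectResult reject an empty target with an exception;
            // treat a missing URL as a plain denial instead.
            if (string.IsNullOrEmpty(verifyResult.Url))
            {
                context.Result = new ForbidResult();
                break;
            }

            // Local targets use LocalRedirectResult, which refuses to leave the site; anything
            // else becomes an external redirect. NOTE(review): the URL is taken from
            // AuthorizationManager as trusted; confirm it is never derived from request input,
            // or the external branch becomes an open redirect.
            var urlHelper = new UrlHelper(context);
            if (urlHelper.IsLocalUrl(verifyResult.Url))
            {
                context.Result = new LocalRedirectResult(verifyResult.Url);
            }
            else
            {
                context.Result = new RedirectResult(verifyResult.Url);
            }
            break;
        default:
            // The original switch had no default: a redirect type this filter does not know
            // about left context.Result null and let a denied request through. Fail closed.
            context.Result = new ForbidResult();
            break;
    }
}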