/// <summary>
/// Picks the single <see cref="IAuthorizeInfo"/> that governs a controller action.
/// </summary>
/// <param name="actionDescriptor">Descriptor of the controller action being invoked.</param>
/// <param name="options">Authorization options; <c>UseConventionedPermissions</c> enables the derived permission name.</param>
/// <returns>
/// The attribute found on the action method, otherwise the one found on the controller type
/// (possibly replaced by a convention-named <see cref="ProtectedAttribute"/>), or <c>null</c>.
/// A <c>null</c> result makes <c>AuthorizeAsync</c> in this file skip the authorization call, so every
/// <c>null</c> path below is effectively "allow".
/// </returns>
private static IAuthorizeInfo GetAuthorizeInfo(ControllerActionDescriptor actionDescriptor, AspNetAuthorizationOptions options)
{
    var action = actionDescriptor.GetMethodInfo();

    // A non-public method is only considered when it carries an IAuthorizeInfo attribute itself.
    var isCandidate = action.IsPublic || action.GetCustomAttributes().OfType<IAuthorizeInfo>().Any();
    if (!isCandidate || AllowAnonymous(action, action.DeclaringType))
    {
        // NOTE(review): the anonymous check is given the method's DeclaringType, while the attribute
        // lookup below uses ControllerTypeInfo; for inherited actions these can differ - confirm intended.
        return null;
    }

    // Method-level attribute wins and is returned as-is, even when its Permissions array is empty.
    // NOTE(review): FirstOrDefault means any further IAuthorizeInfo attributes stacked on the same
    // member are not evaluated here - confirm that a single attribute per member is the contract.
    var methodLevel = TypeHelper
        .GetAttributesOfMember<IAuthorizeInfo>(actionDescriptor.MethodInfo)
        .FirstOrDefault();
    if (methodLevel != null)
    {
        return methodLevel;
    }

    var controllerLevel = TypeHelper
        .GetAttributesOfType<IAuthorizeInfo>(actionDescriptor.ControllerTypeInfo.AsType())
        .FirstOrDefault();
    if (controllerLevel == null || controllerLevel.Permissions.Length != 0 || !options.UseConventionedPermissions)
    {
        // No controller attribute, explicit permissions, or conventions disabled: nothing to derive.
        return controllerLevel;
    }

    // Conventional permission name: "[Area.]Controller.Action".
    // NOTE(review): the replacement attribute is built from the name only; any other settings on the
    // controller-level attribute are not copied - verify ProtectedAttribute needs nothing else.
    var prefix = controllerLevel.Area.IsNullOrWhiteSpace() ? "" : controllerLevel.Area + ".";
    return new ProtectedAttribute($"{prefix}{actionDescriptor.ControllerName}.{actionDescriptor.ActionName}");
}
/// <summary>
/// Runs the authorization check for the controller action targeted by <paramref name="context"/>.
/// </summary>
/// <param name="authorizationService">Service that evaluates the resolved <see cref="IAuthorizeInfo"/>.</param>
/// <param name="context">Filter context whose <c>ActionDescriptor</c> identifies the action.</param>
/// <param name="options">Options forwarded to <c>GetAuthorizeInfo</c>.</param>
/// <param name="cancellationToken">Token passed through to the authorization service.</param>
/// <returns>A task that completes once the check (if any) has finished.</returns>
public static async Task AuthorizeAsync(this IAuthorizationService authorizationService, AuthorizationFilterContext context, AspNetAuthorizationOptions options, CancellationToken cancellationToken)
{
    // Only controller actions are inspected. Any other descriptor type falls through without a check.
    // NOTE(review): that is a fail-open path for non-controller endpoints - confirm they are
    // protected by some other mechanism.
    if (context.ActionDescriptor is ControllerActionDescriptor controllerAction)
    {
        var requirement = GetAuthorizeInfo(controllerAction, options);
        if (requirement == null)
        {
            // No applicable attribute (or anonymous access allowed): nothing to enforce.
            return;
        }

        await authorizationService.AuthorizeAsync(new IAuthorizeInfo[] { requirement }, cancellationToken);
    }
}