public void OnActionExecuting(ActionExecutingContext context) { var endpointInfo = context.GetAuthorizeEndpointInfo(); var authorizeRoles = _authInfoProvider.GetAuthorizeRoles(endpointInfo); if (authorizeRoles == null) { return; } if (!_jwtInfoProvider.IsAuthorized || !authorizeRoles.Contains(_jwtInfoProvider.Role)) { throw new AuthenticationException(); } }