/// <summary>
/// Creates a new instance of <see cref="DefaultAuthorizationService"/>.
/// </summary>
/// <param name="policyProvider">The <see cref="IAuthorizationPolicyProvider"/> used to provide policies.</param>
/// <param name="handlers">The handlers used to fulfill <see cref="IAuthorizationRequirement"/>s.</param>
/// <param name="logger">The logger used to log messages, warnings and errors.</param>
/// <param name="contextFactory">The <see cref="IAuthorizationHandlerContextFactory"/> used to create the context to handle the authorization.</param>
/// <param name="evaluator">The <see cref="IAuthorizationEvaluator"/> used to determine if authorzation was successful.</param>
public DefaultAuthorizationService(IAuthorizationPolicyProvider policyProvider, IEnumerable <IAuthorizationHandler> handlers, ILogger logger, IAuthorizationHandlerContextFactory contextFactory, IAuthorizationEvaluator evaluator)
{
if (policyProvider == null)
{
throw new ArgumentNullException(nameof(policyProvider));
}
if (handlers == null)
{
throw new ArgumentNullException(nameof(handlers));
}
if (contextFactory == null)
{
throw new ArgumentNullException(nameof(contextFactory));
}
if (evaluator == null)
{
throw new ArgumentNullException(nameof(evaluator));
}
_handlers = InitializeHandlers(handlers);
_policyProvider = policyProvider;
_logger = logger ?? new DiagnosticsLoggerFactory().CreateDefaultLogger();
_contextFactory = contextFactory;
_evaluator = evaluator;
}
/// <summary>
/// Creates a new instance of <see cref="DefaultAuthorizationService"/>.
/// </summary>
/// <param name="policyProvider">The <see cref="IAuthorizationPolicyProvider"/> used to provide policies.</param>
/// <param name="handlers">The handlers used to fulfill <see cref="IAuthorizationRequirement"/>s.</param>
/// <param name="logger">The logger used to log messages, warnings and errors.</param>
/// <param name="contextFactory">The <see cref="IAuthorizationHandlerContextFactory"/> used to create the context to handle the authorization.</param>
/// <param name="evaluator">The <see cref="IAuthorizationEvaluator"/> used to determine if authorzation was successful.</param>
/// <param name="options">The <see cref="AuthorizationOptions"/> used.</param>
public DefaultAuthorizationService(IAuthorizationPolicyProvider policyProvider, IAuthorizationHandlerProvider handlers, ILogger <DefaultAuthorizationService> logger, IAuthorizationHandlerContextFactory contextFactory, IAuthorizationEvaluator evaluator, IOptions <AuthorizationOptions> options)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (policyProvider == null)
{
throw new ArgumentNullException(nameof(policyProvider));
}
if (handlers == null)
{
throw new ArgumentNullException(nameof(handlers));
}
if (logger == null)
{
throw new ArgumentNullException(nameof(logger));
}
if (contextFactory == null)
{
throw new ArgumentNullException(nameof(contextFactory));
}
if (evaluator == null)
{
throw new ArgumentNullException(nameof(evaluator));
}
_options = options.Value;
_handlers = handlers;
_policyProvider = policyProvider;
_logger = logger;
_evaluator = evaluator;
_contextFactory = contextFactory;
}
public static Task <AuthorizationResult> Authorize(this IProvideMetadata type,
ClaimsPrincipal principal,
object userContext,
IAuthorizationEvaluator evaluator)
{
var list = GetPolicies(type);
return(evaluator.Evaluate(principal, userContext, list));
}
public HackSystemAuthorizationService(
IAuthorizationPolicyProvider policyProvider,
IAuthorizationHandlerProvider handlers,
ILogger <DefaultAuthorizationService> logger,
IAuthorizationHandlerContextFactory contextFactory,
IAuthorizationEvaluator evaluator,
IOptions <AuthorizationOptions> options)
: base(policyProvider, handlers, logger, contextFactory, evaluator, options)
{
this.logger = logger;
}
public DefaultAuthorizationService(
IAuthorizationPolicyProvider policyProvider,
IAuthorizationHandlerProvider handlers,
ILogger <Microsoft.AspNetCore.Authorization.DefaultAuthorizationService> logger,
IAuthorizationHandlerContextFactory contextFactory,
IAuthorizationEvaluator evaluator,
IOptions <Microsoft.AspNetCore.Authorization.AuthorizationOptions> options,
IHttpContextPrincipalAccessor currentPrincipalAccessor,
IServiceProvider serviceProvider)
: base(policyProvider, handlers, logger, contextFactory, evaluator, options)
{
_currentPrincipalAccessor = currentPrincipalAccessor;
ServiceProvider = serviceProvider;
}
public AuthorizationService(
IAuthorizationPolicyProvider policyProvider,
IAuthorizationHandlerProvider handlers,
ILogger <AuthorizationService> logger,
IAuthorizationHandlerContextFactory contextFactory,
IAuthorizationEvaluator evaluator,
IOptions <AuthorizationOptions> options,
ICurrentPrincipalAccessor currentPrincipalAccessor,
IServiceProvider serviceProvider)
: base(policyProvider, handlers, logger, contextFactory, evaluator, options)
{
_currentPrincipalAccessor = currentPrincipalAccessor;
ServiceProvider = serviceProvider;
}
public SheaftIdentityAuthorizeService(
IHttpClientFactory httpClientFactory,
IHttpContextAccessor accessor,
IAuthorizationPolicyProvider policyProvider,
IAuthorizationHandlerProvider handlers,
IAuthorizationHandlerContextFactory contextFactory,
IAuthorizationEvaluator evaluator,
IOptions <AuthOptions> authOptions,
IOptions <CacheOptions> cacheOptions,
IDistributedCache cache)
{
_cache = cache;
_accessor = accessor;
_policyProvider = policyProvider;
_handlers = handlers;
_contextFactory = contextFactory;
_evaluator = evaluator;
_authOptions = authOptions;
_httpClientFactory = httpClientFactory;
_cacheOptions = cacheOptions;
}
public AuthorizationValidationRule(IAuthorizationEvaluator evaluator)
{
_evaluator = evaluator;
}
/// <summary>
/// Creates an instance of <see cref="AuthorizationValidationRule"/> with
/// the specified authorization evaluator.
/// </summary>
public CustomAuthorizationValidationRule(IAuthorizationEvaluator evaluator, IHttpContextAccessor httpContextAccessor)
{
_evaluator = evaluator;
_httpContextAccessor = httpContextAccessor;
}
public AuthorizationValidationRule(IAuthorizationEvaluator evaluator, IUserContextAccessor userContextAccessor)
{
_evaluator = evaluator;
_userContextAccessor = userContextAccessor;
}
public MyAuthService(IAuthorizationPolicyProvider policyProvider, IAuthorizationHandlerProvider handlers, ILogger <DefaultAuthorizationService> logger, IAuthorizationHandlerContextFactory contextFactory, IAuthorizationEvaluator evaluator, IOptions <AuthorizationOptions> options)
{
this.authBase = new DefaultAuthorizationService(policyProvider, handlers, logger, contextFactory, evaluator, options);
}
public DepanneurQuery(UserManager <User> userManager, ProductRepository products, UserRepository users, AuthorizationSettings gqlAuthSettings, IAuthorizationEvaluator eval)
{
Field <ProductType>(
"product",
description: "Finds a single product by ID.",
arguments: new QueryArguments(
new QueryArgument <NonNullGraphType <IntGraphType> > {
Name = "id", Description = "The ID of the product."
}
),
resolve: ctx => products.Get(ctx.GetArgument <int>("id"))
);
FieldAsync <ListGraphType <ProductType> >(
"products",
description: "All products, optionally including deleted products.",
arguments: new QueryArguments(
new QueryArgument <BooleanGraphType> {
Name = "includeDeleted", DefaultValue = false, Description = "Set to true to include deleted products in the results."
},
new QueryArgument <ProductSortEnumType>
{
Name = "sort",
DefaultValue = ProductSortOption.Alpha,
Description = "Indicates how results are sorted."
}
),
resolve: async ctx => {
var includeDeleted = ctx.GetArgument <bool>("includeDeleted");
var sort = ctx.GetArgument <ProductSortOption>("sort");
var currentUser = ctx.UserContext.As <DepanneurUserContext>().User;
var userId = userManager.GetUserId(currentUser);
if (includeDeleted)
{
await ctx.AuthorizeWith(Policies.ManageProducts);
}
if (ctx.HasError())
{
return(null);
}
var query = includeDeleted
? products.GetAll()
: products.GetActive();
query = sort == ProductSortOption.Usage
? query.SortedByTotalUsage(userId)
: query.OrderBy(x => x.Name);
return(query.ToList());
}
);
Field <UserType>(
"me",
description: "Gets the current user.",
resolve: ctx =>
{
var currentUser = ctx.UserContext.As <DepanneurUserContext>().User;
var id = userManager.GetUserId(currentUser);
return(users.Get(id));
}
);
Field <UserType>(
"user",
description: "Gets a specific user by it's ID.",
arguments: new QueryArguments(
new QueryArgument <NonNullGraphType <StringGraphType> > {
Name = "id", Description = "The ID of the user."
}
),
resolve: ctx =>
{
var id = ctx.GetArgument <string>("id");
return(users.Get(id));
}
).AuthorizeWith(Policies.ReadUsers);
Field <ListGraphType <UserType> >(
"users",
description: "All users, optionnaly including deleted users.",
arguments: new QueryArguments(
new QueryArgument <BooleanGraphType> {
Name = "includeDeleted", DefaultValue = false, Description = "Set to true to include deleted users in the results."
}
),
resolve: ctx => ctx.GetArgument <bool>("includeDeleted")
? users.GetAll().OrderBy(x => x.Name).ToList()
: users.GetActive().OrderBy(x => x.Name).ToList()
).AuthorizeWith(Policies.ReadUsers);
}
