        /// <summary>
        /// HTTP-triggered entry point (POST /checkAccess) that answers an access-check
        /// request by evaluating authorization policies for the calling identity.
        /// </summary>
        /// <remarks>
        /// Request pipeline, in order:
        /// 1. The Authorization header is validated by <c>tokenValidator</c>; no principal
        ///    means an empty 401 response.
        /// 2. The JSON body is validated as a <c>CheckAccessRequest</c> with
        ///    <c>CheckAccessRequestValidator</c>; on failure the validator's own response is returned.
        /// 3. The caller's group memberships are fetched from Microsoft Graph.
        /// 4. <c>authorizationRepository.EvaluateAsync</c> is run over the principal,
        ///    the request identifier and the groups; the results are returned as JSON.
        ///
        /// Security notes for reviewers:
        /// - The trigger is <c>AuthorizationLevel.Anonymous</c>, so the Functions host applies no
        ///   function-key check; the token validation in step 1 is the only authentication gate,
        ///   and every later step is reached only after it succeeds.
        /// - The raw Authorization header value is forwarded, unchanged, to both the Graph call and
        ///   the policy evaluation (token pass-through). Whether those callees re-validate it, or
        ///   require a particular scheme/audience, is not visible here — confirm against their implementations.
        /// - The 401 carries no <c>WWW-Authenticate</c> challenge header; add one if clients are
        ///   expected to discover the required scheme from the response. NOTE(review): left as-is.
        /// - <paramref name="log"/> is not null-checked; the host is presumed to always supply it.
        /// </remarks>
        /// <param name="req">Incoming request; must not be null.</param>
        /// <param name="log">Function logger used for the start/end informational entries.</param>
        /// <returns>
        /// 401 when the token does not yield a principal, the validator's message response when the
        /// body is invalid, otherwise 200 with the serialized policy results as UTF-8 JSON.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="req"/> is null.</exception>
        public async Task<HttpResponseMessage> CheckAccess([HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "checkAccess")] HttpRequestMessage req, ILogger log)
        {
            if (req is null)
            {
                throw new ArgumentNullException(nameof(req));
            }

            log.LogInformation(PolicyManagerResources.CheckAccessStartLog);

            // Gate 1: authenticate. Nothing below runs without a validated principal.
            var principal = await tokenValidator.ValidateTokenAsync(req.Headers.Authorization);
            if (principal is null)
            {
                return new HttpResponseMessage(HttpStatusCode.Unauthorized);
            }

            // Gate 2: validate the body before making any downstream calls on the caller's behalf.
            var validation = await jsonHttpContentValidator.ValidateJsonAsync<CheckAccessRequest, CheckAccessRequestValidator>(req.Content);
            if (!validation.IsValid)
            {
                return validation.Message;
            }

            // The caller's own token is reused for Graph and for policy evaluation.
            var memberGroups = await microsoftGraphRepository.FetchMyGroupsAsync(req.Headers.Authorization);

            var state = new InitialState<Group>
            {
                ClaimsPrincipal = principal,
                Identifier      = validation.Item.RequestIdentifier,
                Groups          = memberGroups,
            };

            var results = await authorizationRepository.EvaluateAsync(req.Headers.Authorization, state);

            log.LogInformation(PolicyManagerResources.CheckAccessEndLog);

            var body = new StringContent(JsonSerializer.Serialize(results), Encoding.UTF8, ContentTypes.Application.Json);
            var response = new HttpResponseMessage(HttpStatusCode.OK);
            response.Content = body;
            return response;
        }