Exemplo n.º 1
0
        public async Task <AuthorizationPolicyResult> IsAuthorized(Ticket validTicket, string clientId, List <ClaimTokenParameter> claimTokenParameters)
        {
            if (validTicket == null)
            {
                throw new ArgumentNullException(nameof(validTicket));
            }

            if (string.IsNullOrWhiteSpace(clientId))
            {
                throw new ArgumentNullException(nameof(clientId));
            }

            var resourceSet = await _resourceSetRepository.Get(validTicket.ResourceSetId);

            if (resourceSet == null)
            {
                throw new BaseUmaException(ErrorCodes.InternalError,
                                           string.Format(ErrorDescriptions.TheResourceSetDoesntExist, validTicket.ResourceSetId));
            }

            if (resourceSet.Policies == null ||
                !resourceSet.Policies.Any())
            {
                return(new AuthorizationPolicyResult
                {
                    Type = AuthorizationPolicyResultEnum.Authorized
                });
            }

            foreach (var authorizationPolicy in resourceSet.Policies)
            {
                var result = await _basicAuthorizationPolicy.Execute(validTicket, authorizationPolicy, claimTokenParameters);

                if (result.Type != AuthorizationPolicyResultEnum.Authorized)
                {
                    _umaServerEventSource.AuthorizationPolicyFailed(authorizationPolicy.Id);
                    return(result);
                }
            }

            return(new AuthorizationPolicyResult
            {
                Type = AuthorizationPolicyResultEnum.Authorized
            });
        }