private static string GetAuthorizationAttribute(AuthorizationModel authorizationModel) { if (authorizationModel == null) { throw new ArgumentNullException(nameof(authorizationModel)); } var fieldExpressions = new List <string>(); if (!string.IsNullOrWhiteSpace(authorizationModel.RolesExpression)) { fieldExpressions.Add($"Roles = {authorizationModel.RolesExpression}"); } if (!string.IsNullOrWhiteSpace(authorizationModel.Policy)) { fieldExpressions.Add($"Policy = {authorizationModel.Policy}"); } if (!string.IsNullOrWhiteSpace(authorizationModel.AuthenticationSchemesExpression)) { fieldExpressions.Add($"AuthenticationSchemes = {authorizationModel.AuthenticationSchemesExpression}"); } if (fieldExpressions.Any()) { return($"[Authorize ({string.Join(", ", fieldExpressions)})]"); } return("[Authorize]"); }
private string GetControllerAttributes() { var attributes = new List <string>(); if (IsControllerSecured()) { // We can extend this later (if desired) to have multiple Secure stereotypes create // multiple Authorization Models. var authModel = new AuthorizationModel(); GetDecorators().ToList().ForEach(x => x.UpdateServiceAuthorization(authModel, new ServiceSecureModel(Model, Model.GetSecured()))); attributes.Add(GetAuthorizationAttribute(authModel)); } attributes.Add($@"[Route(""{(string.IsNullOrWhiteSpace(Model.GetHttpServiceSettings().Route()) ? "api/[controller]" : Model.GetHttpServiceSettings().Route())}"")]"); return(string.Join(@" ", attributes)); }
private string GetOperationAttributes(OperationModel operation) { var attributes = new List <string>(); attributes.Add(GetHttpVerbAndPath(operation)); if (!IsControllerSecured() && operation.HasSecured()) { // We can extend this later (if desired) to have multiple Secure stereotypes create // multiple Authorization Models. var authModel = new AuthorizationModel(); GetDecorators().ToList().ForEach(x => x.UpdateOperationAuthorization(authModel, new OperationSecureModel(operation, operation.GetSecured()))); attributes.Add(GetAuthorizationAttribute(authModel)); } else if (IsControllerSecured() && operation.HasUnsecured()) { attributes.Add("[AllowAnonymous]"); } return(string.Join(@" ", attributes)); }
public virtual void UpdateOperationAuthorization(AuthorizationModel authorizationModel, OperationSecureModel secureModel) { }
public virtual void UpdateServiceAuthorization(AuthorizationModel authorizationModel, ServiceSecureModel secureModel) { }