private bool CheckApiKey(AuthorizationFilterContext context) { if (!context.HttpContext.Request.Headers.TryGetValue(ApiKeyHeaderName, out var potentialKey)) { return(false); } var apiKey = ApiKeys.GetKey(potentialKey); if (apiKey == null || !apiKey.Value.Equals(potentialKey)) { return(false); } var allowedRoles = GetAllowedRoles().ToList(); return(!allowedRoles.Any() || allowedRoles.Any(x => IsInRole(x))); bool IsInRole(string roleName) => apiKey.Roles.Any(x => x.Equals(roleName, StringComparison.OrdinalIgnoreCase)); }