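/// <summary>
/// Grants <see cref="Over18Requirement"/> when the user's date-of-birth claim
/// yields an age of at least 18 as of today; denies in every other case.
/// </summary>
/// <param name="context">Authorization context carrying the current user.</param>
/// <param name="requirement">The requirement being evaluated.</param>
protected override void Handle(AuthorizationContext context, Over18Requirement requirement)
{
    var dateOfBirthClaim = context.User.FindFirst(c => c.Type == ClaimTypes.DateOfBirth);
    if (dateOfBirthClaim == null)
    {
        context.Fail();
        return;
    }

    // A claim value is just a string. One that does not parse as a date is treated
    // as a denial rather than surfacing as an unhandled FormatException.
    // Parsing uses the current culture.
    // NOTE(review): the claim's issuer is not checked here; confirm that only a
    // trusted issuer can put a DateOfBirth claim on the principal.
    DateTime dateOfBirth;
    if (!DateTime.TryParse(dateOfBirthClaim.Value, out dateOfBirth))
    {
        context.Fail();
        return;
    }

    // Year difference, minus one if this year's birthday has not happened yet.
    int age = DateTime.Today.Year - dateOfBirth.Year;
    if (dateOfBirth > DateTime.Today.AddYears(-age))
    {
        age--;
    }

    if (age >= 18)
    {
        context.Succeed(requirement);
    }
    else
    {
        context.Fail();
    }
}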
/// <summary>
/// Evaluates <see cref="MyAuthRequirement"/> against the identity whose
/// authentication type is "MyAuth". Denies when that identity, its authentication
/// claim, or a URI claim is missing.
/// </summary>
/// <param name="context">Authorization context carrying the current user.</param>
/// <param name="requirement">The requirement being evaluated.</param>
public override void Handle(AuthorizationContext context, MyAuthRequirement requirement)
{
    // Pick the first identity that was produced by the "MyAuth" authentication type.
    var myAuthIdentity = context.User.Identities.FirstOrDefault(identity => identity.AuthenticationType == "MyAuth");
    if (myAuthIdentity == null)
    {
        context.Fail();
        return;
    }

    // The authentication claim is read from the MyAuth identity only.
    var authHeaderClaim = myAuthIdentity.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.Authentication);

    // NOTE(review): the URI claim is looked up across every identity on the
    // principal, not just the MyAuth identity - confirm that is intended.
    var uriClaim = context.User.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.Uri);

    if (authHeaderClaim == null || uriClaim == null)
    {
        context.Fail();
        return;
    }

    // Enforce the requirement by evaluating the values gathered above.
    if (/* passes our enforcement test */)
    {
        context.Succeed(requirement);
        return;
    }

    context.Fail();
}
/// <summary>
/// Deny-only handler for <see cref="Document"/> operations: calls Fail when the
/// current user's name is exactly "davidfowler" and otherwise makes no decision.
/// </summary>
/// <param name="context">Authorization context carrying the current user.</param>
/// <param name="requirement">The operation being authorized (not inspected here).</param>
/// <param name="resource">The document being accessed (not inspected here).</param>
protected override void Handle(AuthorizationContext context, OperationAuthorizationRequirement requirement, Document resource)
{
    var userName = context.User.Identity.Name;

    // Ordinal, case-sensitive match.
    // NOTE(review): if the identity store treats user names as case-insensitive,
    // a differently-cased name would not be caught by this check - confirm.
    if (string.Equals(userName, "davidfowler"))
    {
        context.Fail();
    }
}
/// <summary>
/// Grants <see cref="UserRequirement"/> when the user carries any claim of type
/// "UserId"; denies otherwise.
/// </summary>
/// <param name="context">Authorization context carrying the current user.</param>
/// <param name="requirement">The requirement being evaluated.</param>
protected override void Handle(AuthorizationContext context, UserRequirement requirement)
{
    // Only the claim's presence is tested; its value and issuer are not examined.
    // NOTE(review): confirm that only a trusted issuer can add a "UserId" claim.
    bool hasUserId = context.User.HasClaim(claim => claim.Type == "UserId");

    if (hasUserId)
    {
        context.Succeed(requirement);
    }
    else
    {
        context.Fail();
    }
}
/// <summary>
/// Grants <see cref="OnlyRoleRequirement"/> when the user is in the role named by
/// <c>_roleName</c>; denies otherwise.
/// </summary>
/// <param name="context">Authorization context carrying the current user.</param>
/// <param name="requirement">The requirement being evaluated.</param>
protected override void Handle(AuthorizationContext context, OnlyRoleRequirement requirement)
{
    bool inRole = context.User.IsInRole(_roleName);

    if (!inRole)
    {
        context.Fail();
    }
    else
    {
        context.Succeed(requirement);
    }
}
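/// <summary>
/// Grants <see cref="TrustedWebClientRequirement"/> when the requirement's own
/// <c>Validate</c> check accepts the current HTTP context; denies otherwise.
/// </summary>
/// <param name="context">
/// Authorization context; its <c>Resource</c> is expected to be the MVC filter
/// authorization context for the request.
/// </param>
/// <param name="requirement">The requirement being evaluated.</param>
protected override void Handle(AuthorizationContext context, TrustedWebClientRequirement requirement)
{
    var resourceContext = context.Resource as Microsoft.AspNet.Mvc.Filters.AuthorizationContext;

    // The "as" cast yields null when the policy is evaluated against any other
    // resource type (or none). Deny explicitly instead of dereferencing null.
    if (resourceContext == null)
    {
        context.Fail();
        return;
    }

    if (requirement.Validate(resourceContext.HttpContext, _config))
    {
        context.Succeed(requirement);
    }
    else
    {
        context.Fail();
    }
}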
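/// <summary>
/// Grants <see cref="ScopeRequierment"/> when the user's space-separated "Scope"
/// claim contains every entry of <c>_requiredScopes</c>; denies otherwise.
/// </summary>
/// <param name="context">Authorization context carrying the current user.</param>
/// <param name="requirement">The requirement being evaluated.</param>
protected override void Handle(AuthorizationContext context, ScopeRequierment requirement)
{
    var tokenScope = context.User.FindFirst("Scope");

    // A principal without a scope claim holds none of the required scopes.
    // Deny rather than hit a NullReferenceException on tokenScope.Value.
    if (tokenScope == null)
    {
        context.Fail();
        return;
    }

    // NOTE(review): only the first "Scope" claim is read. If the token handler emits
    // one claim per scope instead of a single space-separated value, later scopes
    // are never seen - confirm the claim shape.
    string[] tokenScopes = tokenScope.Value.Split(' ');

    // NOTE(review): if _requiredScopes is empty the loop body never runs and the
    // requirement is granted - confirm an empty list cannot be configured by mistake.
    foreach (var requiredScope in _requiredScopes)
    {
        // Matching is ordinal and case-sensitive (OAuth 2.0 scope values are
        // case-sensitive strings).
        if (!tokenScopes.Contains(requiredScope))
        {
            context.Fail();
            return;
        }
    }

    context.Succeed(requirement);
}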
/// <summary>
/// Deny-only handler for the <c>Constants.ContainsOne</c> operation on a
/// <see cref="Contact"/>: calls Fail when the contact's address does not contain
/// the character "1". It never calls Succeed.
/// </summary>
/// <param name="context">Authorization context for the current evaluation.</param>
/// <param name="requirement">The operation being authorized.</param>
/// <param name="resource">The contact being accessed; may be null.</param>
protected override void Handle(AuthorizationContext context, OperationAuthorizationRequirement requirement, Contact resource)
{
    // Nothing to decide without a resource, or when a different operation was requested.
    if (resource == null || !string.Equals(requirement.Name, Constants.ContainsOne))
    {
        return;
    }

    // NOTE(review): resource.Address is dereferenced without a null check -
    // confirm Contact guarantees a non-null Address.
    if (resource.Address.Contains("1"))
    {
        return;
    }

    context.Fail();
}
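/// <summary>
/// Grants <see cref="TokenAuthRequirement"/> when the request path is exempted by
/// <c>SecurityHelper.SkipRequired</c> or when <c>IsAuthorizedForRequestedAction</c>
/// accepts the request; otherwise sets the response status to 401 and denies.
/// </summary>
/// <param name="context">
/// Authorization context; its <c>Resource</c> is expected to be the MVC
/// <c>ActionContext</c> for the request.
/// </param>
/// <param name="requirement">The requirement being evaluated.</param>
protected override void Handle(AuthorizationContext context, TokenAuthRequirement requirement)
{
    var actionContext = context.Resource as ActionContext;

    // The "as" cast yields null when the policy runs against any other resource
    // type (or none). Deny explicitly instead of dereferencing null.
    if (actionContext == null)
    {
        context.Fail();
        return;
    }

    var httpContext = actionContext.HttpContext;
    var request = httpContext.Request;

    // NOTE(review): a path match grants the requirement without looking at the user.
    // Confirm how SkipRequired compares paths (exact vs. prefix, case handling) so
    // the exemption covers only the endpoints that are meant to be open.
    if (SecurityHelper.SkipRequired(request.Path))
    {
        context.Succeed(requirement);
        return;
    }

    if (IsAuthorizedForRequestedAction(context, requirement))
    {
        context.Succeed(requirement);
    }
    else
    {
        httpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
        context.Fail();
    }
}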
/// <summary>
/// Grants <see cref="UsuarioTemClaim"/> ("user has claim") when the user carries a
/// claim whose type matches at least one entry of <c>_claims</c>; denies otherwise.
/// </summary>
/// <param name="context">Authorization context carrying the current user.</param>
/// <param name="requirement">The requirement being evaluated.</param>
protected override void Handle(AuthorizationContext context, UsuarioTemClaim requirement)
{
    // Only claim types are compared; claim values and issuers are not examined.
    foreach (var claimType in _claims)
    {
        if (context.User.HasClaim(claim => claim.Type == claimType))
        {
            // The first matching type is enough.
            context.Succeed(requirement);
            return;
        }
    }

    // No configured claim type was found on the user.
    context.Fail();
}
/// <summary>
/// Authorizes an operation on a <see cref="Document"/> from claims issued by
/// "urn:idunno.org": a "Superuser" claim with value "True" grants any operation;
/// otherwise the "Documents" claim is mapped to a set of operations and the
/// requested one must be among them.
/// </summary>
/// <param name="context">Authorization context carrying the current user.</param>
/// <param name="requirement">The operation being authorized.</param>
/// <param name="resource">The document being accessed (not inspected here).</param>
protected override void Handle(AuthorizationContext context, OperationAuthorizationRequirement requirement, Document resource)
{
    var user = context.User;

    // Type, issuer and value must all match exactly (ordinal, case-sensitive).
    bool isSuperUser = user.HasClaim(c => c.Type == "Superuser" && c.Issuer == "urn:idunno.org" && c.Value == "True");
    if (isSuperUser)
    {
        context.Succeed(requirement);
        return;
    }

    // Without a Documents claim from the same issuer the user has no document permissions.
    var documentPermissionClaim = user.FindFirst(c => c.Type == "Documents" && c.Issuer == "urn:idunno.org");
    if (documentPermissionClaim == null)
    {
        context.Fail();
        return;
    }

    var permittedOperations = MapClaimsToOperations(documentPermissionClaim.Value);
    if (permittedOperations.Contains(requirement))
    {
        context.Succeed(requirement);
    }

    // When the operation is not in the mapped set, neither Succeed nor Fail is called.
}