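/// <summary>
/// Requests RPTs for the given resources by delegating to <c>CommonGetRpts</c>, supplying a
/// callback that obtains the authorizations with the caller's identity token.
/// </summary>
/// <param name="resourceIds">Resource identifiers, forwarded unchanged to <c>CommonGetRpts</c> (not validated here).</param>
/// <param name="identityToken">Identity token passed to <c>GetAuthorizations</c>; must not be null, empty or whitespace.</param>
/// <param name="umaProtectionToken">UMA protection token, forwarded to <c>CommonGetRpts</c>; must not be null, empty or whitespace.</param>
/// <param name="umaAuthorizationToken">UMA authorization token, forwarded to <c>CommonGetRpts</c>; must not be null, empty or whitespace.</param>
/// <param name="permissions">Requested permissions, forwarded unchanged to <c>CommonGetRpts</c> (not validated here).</param>
/// <returns>Whatever <c>CommonGetRpts</c> yields; the callback contributes the <c>Rpts</c> of each authorization response.</returns>
/// <exception cref="ArgumentNullException">One of the three tokens is null, empty or whitespace.</exception>
/// <exception cref="InvalidOperationException">The authorization call failed or produced no response.</exception>
public async Task<IEnumerable<string>> GetRpts(IEnumerable<string> resourceIds, string identityToken, string umaProtectionToken, string umaAuthorizationToken, IEnumerable<string> permissions)
{
    if (string.IsNullOrWhiteSpace(identityToken))
    {
        throw new ArgumentNullException(nameof(identityToken));
    }

    if (string.IsNullOrWhiteSpace(umaProtectionToken))
    {
        throw new ArgumentNullException(nameof(umaProtectionToken));
    }

    if (string.IsNullOrWhiteSpace(umaAuthorizationToken))
    {
        throw new ArgumentNullException(nameof(umaAuthorizationToken));
    }

    // The two callback arguments are supplied by CommonGetRpts and passed straight through to
    // GetAuthorizations together with the identity token captured from this call.
    Func<IEnumerable<string>, string, Task<IEnumerable<string>>> callback = async (t, a) =>
    {
        BulkAuthorizationResponse resp;
        try
        {
            resp = await GetAuthorizations(t, a, identityToken);
        }
        catch (Exception ex)
        {
            // Fail closed on any error, but keep the cause as InnerException so that a transport
            // or server fault can be told apart from a genuine denial when the failure is logged.
            // NOTE(review): make sure InnerException is never serialized back to the client.
            throw new InvalidOperationException("you're not allowed to access to the resource", ex);
        }

        if (resp == null)
        {
            // A missing response carries no RPTs; report it as a denial instead of dereferencing null.
            throw new InvalidOperationException("you're not allowed to access to the resource");
        }

        return resp.Rpts;
    };

    return await CommonGetRpts(resourceIds, permissions, umaAuthorizationToken, umaProtectionToken, callback);
}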
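/// <summary>
/// Evaluates a batch of authorization requests for the calling client and returns the RPTs of
/// those that were authorized.
/// </summary>
/// <param name="postAuthorizations">Authorization requests bound from the request body.</param>
/// <returns>
/// 403 Forbidden when no request in the batch was authorized; otherwise 200 OK with a
/// <c>BulkAuthorizationResponse</c> holding only the RPTs of the authorized requests.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="postAuthorizations"/> is null.</exception>
public async Task<ActionResult> GetAuthorizations([FromBody] IEnumerable<PostAuthorization> postAuthorizations)
{
    if (postAuthorizations == null)
    {
        throw new ArgumentNullException(nameof(postAuthorizations));
    }

    var parameters = postAuthorizations.Select(p => p.ToParameter());
    var clientId = this.GetClientId();
    var responses = await _authorizationActions.GetAuthorization(parameters, clientId);

    // Filter once and materialize: the allow/deny decision and the returned tokens then come from
    // the same single pass over the responses, and the serializer is handed a concrete list
    // instead of a deferred query that would be evaluated again later.
    var authorizedRpts = responses
        .Where(r => r.AuthorizationPolicyResult == AuthorizationPolicyResultEnum.Authorized)
        .Select(r => r.Rpt)
        .ToList();

    if (authorizedRpts.Count == 0)
    {
        return new StatusCodeResult((int)HttpStatusCode.Forbidden);
    }

    // Requests that were not authorized are omitted from the payload rather than reported, so the
    // response can contain fewer RPTs than the batch had requests.
    var content = new BulkAuthorizationResponse
    {
        Rpts = authorizedRpts
    };

    return new OkObjectResult(content);
}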