/// <summary>
/// Evaluates the policy for the current <c>User</c> through <c>_client</c> and
/// renders the default view with the evaluation result as its model.
/// </summary>
/// <returns>The view result carrying the policy evaluation result.</returns>
// NOTE(review): no [Authorize] attribute is visible on this snippet. Confirm the
// action or its controller requires authentication, because User is handed to the
// policy client as-is.
public async Task<IActionResult> Secure() => View(await _client.EvaluateAsync(User));
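/// <summary>
/// Maps a GET endpoint at <paramref name="path"/> that evaluates the policy for the
/// calling user and writes the result to the response as JSON.
/// </summary>
/// <param name="builder">The endpoint route builder the endpoint is added to.</param>
/// <param name="path">The route pattern of the endpoint.</param>
public static void MapUserPermissions(this IEndpointRouteBuilder builder, string path)
{
    builder.MapGet(path, async ctx =>
    {
        // Resolve the client from the current request's service provider on every call.
        // Caching it in a static field would keep whichever instance the first request
        // resolved alive for the whole process and share it between all later requests
        // (and users), regardless of the lifetime it is registered with, and the write
        // to that field would be unsynchronized. GetRequiredService also fails with a
        // clear error when the client is not registered, instead of a null dereference.
        var policyClient = ctx.RequestServices.GetRequiredService<IPolicyServerRuntimeClient>();

        var result = await policyClient.EvaluateAsync(ctx.User);
        var text = JsonConvert.SerializeObject(result, _jsonSerializerSettings);

        ctx.Response.ContentType = MediaTypeNames.Application.Json;
        await ctx.Response.WriteAsync(text);
    })
    // The response describes the caller's own authorization data, so the endpoint
    // carries the default authorization requirement.
    .RequireAuthorization();
}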
/// <summary>
/// Evaluates the policy for the current <c>User</c> and returns the user's permissions,
/// each prefixed with the configured <c>PolicyServer:BasePolicyPrefix</c> value and a dot.
/// </summary>
/// <returns>An OK result whose body is an <c>AuthorizationModel</c> holding the prefixed permissions.</returns>
// NOTE(review): no [Authorize] attribute is visible on this snippet. Confirm the
// action or its controller requires authentication.
public async Task<IActionResult> GetPermissions()
{
    logger.LogInformation("Retrieving authorization permissions for user.");

    var evaluation = await policyClient.EvaluateAsync(User);
    var rawPermissions = evaluation.Permissions.ToList();

    // NOTE(review): when the key is missing the prefix is null and every permission
    // is emitted as ".name". Confirm that consumers expect this.
    string prefix = configuration
        .GetSection("PolicyServer")
        .GetValue<string>("BasePolicyPrefix");

    var responseModel = new AuthorizationModel
    {
        Permissions = rawPermissions
            .Select(permission => $"{prefix}.{permission}")
            .ToList()
    };

    return Ok(responseModel);
}
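/// <summary>
/// For an authenticated request, evaluates the policy for the current user, adds the
/// returned roles and permissions to the principal as an additional identity, and then
/// calls the next middleware. Unauthenticated requests are passed on unchanged.
/// </summary>
/// <param name="context">The HTTP context whose <c>User</c> is evaluated and extended.</param>
/// <param name="client">The policy client used to evaluate the user.</param>
/// <returns>A task that completes when the rest of the pipeline has run.</returns>
public async Task Invoke(HttpContext context, IPolicyServerRuntimeClient client)
{
    // ClaimsPrincipal.Identity is null when the principal carries no identity at all;
    // treat that as unauthenticated instead of failing with a null dereference.
    // Nothing is added unless the principal is already authenticated at this point,
    // so this middleware has to run after whatever authenticates the request.
    if (context.User.Identity?.IsAuthenticated == true)
    {
        var policy = await client.EvaluateAsync(context.User);

        var roleClaims = policy.Roles.Select(x => new Claim("role", x));
        var permissionClaims = policy.Permissions.Select(x => new Claim("permission", x));

        // The identity names "role" as its role claim type, so the roles added here are
        // what role checks on the principal (IsInRole) see for this identity.
        var id = new ClaimsIdentity("PolicyServerMiddleware", "name", "role");
        id.AddClaims(roleClaims);
        id.AddClaims(permissionClaims);

        context.User.AddIdentity(id);
    }

    await _next(context);
}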