/
AuthorizationBuilder.cs
149 lines (134 loc) · 6.26 KB
/
AuthorizationBuilder.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
using System;
using System.Collections.Generic;
using Microsoft.Extensions.DependencyInjection;
namespace Microsoft.AspNetCore.Authorization;
/// <summary>
/// Used to configure authorization
/// </summary>
public class AuthorizationBuilder
{
/// <summary>
/// Initializes a new instance of <see cref="AuthorizationBuilder"/>.
/// </summary>
/// <param name="services">The services being configured.</param>
public AuthorizationBuilder(IServiceCollection services)
=> Services = services;
/// <summary>
/// The services being configured.
/// </summary>
public virtual IServiceCollection Services { get; }
/// <summary>
/// Determines whether authorization handlers should be invoked after <see cref="AuthorizationHandlerContext.HasFailed"/>.
/// Defaults to true.
/// </summary>
/// <returns>The builder.</returns>
public virtual AuthorizationBuilder SetInvokeHandlersAfterFailure(bool invoke)
{
Services.Configure<AuthorizationOptions>(o => o.InvokeHandlersAfterFailure = invoke);
return this;
}
/// <summary>
/// Sets the default authorization policy. Defaults to require authenticated users.
/// </summary>
/// <remarks>
/// The default policy used when evaluating <see cref="IAuthorizeData"/> with no policy name specified.
/// </remarks>
/// <returns>The builder.</returns>
public virtual AuthorizationBuilder SetDefaultPolicy(AuthorizationPolicy policy)
{
Services.Configure<AuthorizationOptions>(o => o.DefaultPolicy = policy);
return this;
}
/// <summary>
/// Sets the fallback authorization policy used by <see cref="AuthorizationPolicy.CombineAsync(IAuthorizationPolicyProvider, IEnumerable{IAuthorizeData})"/>
/// when no IAuthorizeData have been provided. As a result, the AuthorizationMiddleware uses the fallback policy
/// if there are no <see cref="IAuthorizeData"/> instances for a resource. If a resource has any <see cref="IAuthorizeData"/>
/// then they are evaluated instead of the fallback policy. By default the fallback policy is null, and usually will have no
/// effect unless you have the AuthorizationMiddleware in your pipeline. It is not used in any way by the
/// default <see cref="IAuthorizationService"/>.
/// </summary>
/// <returns>The builder.</returns>
public virtual AuthorizationBuilder SetFallbackPolicy(AuthorizationPolicy? policy)
{
Services.Configure<AuthorizationOptions>(o => o.FallbackPolicy = policy);
return this;
}
/// <summary>
/// Adds a <see cref="AuthorizationPolicy"/> which can be used by <see cref="IAuthorizationService"/>.
/// </summary>
/// <param name="name">The name of this policy.</param>
/// <param name="policy">The <see cref="AuthorizationPolicy"/>.></param>
/// <returns>The builder.</returns>
public virtual AuthorizationBuilder AddPolicy(string name, AuthorizationPolicy policy)
{
Services.Configure<AuthorizationOptions>(o => o.AddPolicy(name, policy));
return this;
}
/// <summary>
/// Add a policy that is built from a delegate with the provided name.
/// </summary>
/// <param name="name">The name of the policy.</param>
/// <param name="configurePolicy">The delegate that will be used to build the policy.</param>
/// <returns>The builder.</returns>
public virtual AuthorizationBuilder AddPolicy(string name, Action<AuthorizationPolicyBuilder> configurePolicy)
{
Services.Configure<AuthorizationOptions>(o => o.AddPolicy(name, configurePolicy));
return this;
}
/// <summary>
/// Add a policy that is built from a delegate with the provided name and used as the default policy.
/// </summary>
/// <param name="name">The name of the default policy.</param>
/// <param name="policy">The default <see cref="AuthorizationPolicy"/>.></param>
/// <returns>The builder.</returns>
public virtual AuthorizationBuilder AddDefaultPolicy(string name, AuthorizationPolicy policy)
{
SetDefaultPolicy(policy);
return AddPolicy(name, policy);
}
/// <summary>
/// Add a policy that is built from a delegate with the provided name and used as the DefaultPolicy.
/// </summary>
/// <param name="name">The name of the DefaultPolicy.</param>
/// <param name="configurePolicy">The delegate that will be used to build the DefaultPolicy.</param>
/// <returns>The builder.</returns>
public virtual AuthorizationBuilder AddDefaultPolicy(string name, Action<AuthorizationPolicyBuilder> configurePolicy)
{
if (configurePolicy == null)
{
throw new ArgumentNullException(nameof(configurePolicy));
}
var policyBuilder = new AuthorizationPolicyBuilder();
configurePolicy(policyBuilder);
return AddDefaultPolicy(name, policyBuilder.Build());
}
/// <summary>
/// Add a policy that is built from a delegate with the provided name and used as the FallbackPolicy.
/// </summary>
/// <param name="name">The name of the FallbackPolicy.</param>
/// <param name="policy">The Fallback <see cref="AuthorizationPolicy"/>.></param>
/// <returns>The builder.</returns>
public virtual AuthorizationBuilder AddFallbackPolicy(string name, AuthorizationPolicy policy)
{
SetFallbackPolicy(policy);
return AddPolicy(name, policy);
}
/// <summary>
/// Add a policy that is built from a delegate with the provided name and used as the FallbackPolicy.
/// </summary>
/// <param name="name">The name of the Fallback policy.</param>
/// <param name="configurePolicy">The delegate that will be used to build the Fallback policy.</param>
/// <returns>The builder.</returns>
public virtual AuthorizationBuilder AddFallbackPolicy(string name, Action<AuthorizationPolicyBuilder> configurePolicy)
{
if (configurePolicy == null)
{
throw new ArgumentNullException(nameof(configurePolicy));
}
var policyBuilder = new AuthorizationPolicyBuilder();
configurePolicy(policyBuilder);
return AddFallbackPolicy(name, policyBuilder.Build());
}
}