Failed Authorization Policy Details in Logs

[stap123]

Would it be possible to have a feature where instead of the DefaultAuthorizationService logging a message saying Authorization Failed it gave a little more context to the failure.

Maybe something like saying Authorization Failed for Policy: "Policy Name" or Authorization Failed for Role: "Role Name" etc.

When you're building a complex application you can easily have many Authorize conditions being applied and it can be quite derived to find out what specifically failed.

[blowdart]

@HaoK seems reasonable. Can we sneak this into 3.0?

[huysentruitw]

How do we see this?

• Should each Requirement class override ToString?
• Do we add a method to IAuthorizationRequirement interface?
• Do we add a private method to LoggingExtensions for building the message?
• Other?

Also, are these error messages localized?

[xperiandri]

How to figure out what is wrong? I have such issue and I don't know even where to look 🤯

[HaoK]

Thanks for helping with this @wu-yafeng !