-
Notifications
You must be signed in to change notification settings - Fork 9.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[AuthZ] Add IRequirementData #44342
[AuthZ] Add IRequirementData #44342
Conversation
I went back to just enabling adding requirements via an attribute since that makes it a little simpler to combine as there already are existing ways to specify what authentication, i.e. |
Maybe we just need internal class MinimumAgeAuthorizeAttribute : AuthorizeAttribute, IRequirementData
{
public MinimumAgeAuthorizeAttribute(int age) => Age = age;
public int Age { get; }
IEnumerable<IAuthorizationRequirement> GetRequirements() => new[] {
new MinimumAgeRequirement(Age)
};
} |
Sounds good, but in your example, GetRequirements would be even simpler right, since we don't need to build the policy anymore, it'd just be: |
Oops, fixed. |
Okay updated, pretty tiny change that actually enables a lot |
Note: IRequirementData does trigger authorization by itself, so it doesn't require an |
@@ -374,6 +376,55 @@ public async Task CanApplyPolicyDirectlyToEndpoint() | |||
Assert.True(calledPolicy); | |||
} | |||
|
|||
public class ReqAttribute : Attribute, IRequirementData |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add an example that does:
public class ReqAttribute2 : AuthorizeAttribute, IRequirementData
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated and added the CanApplyAuthorizeRequirementAttributeDirectlyToEndpoint test below for this
Lets do API review, file an issue and lets get this checked in and marked for blogging 😄 cc @adityamandaleeka |
@HaoK, this change will be considered for inclusion in the blog post for the release it'll ship in. Nice work! Please ensure that the original comment in this thread contains a clear explanation of what the change does, why it's important (what problem does it solve?), and, if relevant, include things like code samples and/or performance numbers. This content may not be exactly what goes into the blog post, but it will help the team putting together the announcement. Thanks! |
May I suggest naming it |
Sounds reasonable I'll update the design issue with the suggested new name, but I won't update this PR until after the api review has been done in case of other feedback |
Explore allowing an attribute to add requirements