using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Security.Principal;
using System.Text;
using Microsoft.ApplicationServer.Http.Description;
using Microsoft.ApplicationServer.Http.Dispatcher;
namespace WcfWebApi.Preview5.Explorations.Common
{
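/// <summary>
/// Operation handler that lets a request through only when the name of the
/// incoming principal's identity equals the name required by the
/// <see cref="AuthorizeAttribute"/> it was constructed with.
/// </summary>
/// <remarks>
/// The check fails closed: a missing input, principal, identity or name is
/// rejected exactly like a name mismatch. The handler performs no
/// authentication itself; it relies on whatever supplies the "principal"
/// input, and it does not inspect <c>IIdentity.IsAuthenticated</c>.
/// </remarks>
public class AuthorizeOperationHandler : HttpOperationHandler
{
    private readonly AuthorizeAttribute _attr;

    /// <summary>Creates a handler enforcing the name carried by <paramref name="attr"/>.</summary>
    /// <param name="attr">Attribute holding the required identity name.</param>
    /// <exception cref="ArgumentNullException"><paramref name="attr"/> is null.</exception>
    public AuthorizeOperationHandler(AuthorizeAttribute attr)
    {
        // Reject a missing policy at construction time instead of failing
        // with a NullReferenceException on the first request.
        if (attr == null)
        {
            throw new ArgumentNullException("attr");
        }

        _attr = attr;
    }

    /// <summary>Declares the single input this handler consumes: an <see cref="IPrincipal"/> named "principal".</summary>
    protected override IEnumerable<HttpParameter> OnGetInputParameters()
    {
        yield return new HttpParameter("principal", typeof(IPrincipal));
    }

    /// <summary>This handler produces no output parameters.</summary>
    protected override IEnumerable<HttpParameter> OnGetOutputParameters()
    {
        yield break;
    }

    /// <summary>
    /// Compares the principal's identity name with the required name and
    /// rejects the request when they differ or when either is unavailable.
    /// </summary>
    /// <param name="input">Handler inputs; element 0 is expected to be the <see cref="IPrincipal"/>.</param>
    /// <returns>An empty array, because the handler declares no outputs.</returns>
    /// <exception cref="HttpResponseException">
    /// Thrown with <see cref="HttpStatusCode.Unauthorized"/> when the request is not authorized.
    /// </exception>
    protected override object[] OnHandle(object[] input)
    {
        // Resolve each step defensively so an absent principal or identity
        // becomes an explicit denial rather than a NullReferenceException.
        IPrincipal principal = (input != null && input.Length > 0) ? input[0] as IPrincipal : null;
        IIdentity identity = principal != null ? principal.Identity : null;
        string found = identity != null ? identity.Name : null;
        string required = _attr.Name;

        // NOTE(review): 'found' originates from the request's principal and is
        // written to the console unescaped; sanitize it if this output is ever
        // fed into a log pipeline.
        Console.WriteLine(string.Format("Checking authorization. Require {0}, found {1}", required, found));

        // An empty name on either side is treated as "no identity": otherwise an
        // attribute declared with "" would match a principal whose name is "".
        bool authorized = !string.IsNullOrEmpty(required)
            && !string.IsNullOrEmpty(found)
            && string.Equals(required, found, StringComparison.Ordinal);

        if (!authorized)
        {
            // Status stays 401 as before. NOTE(review): 403 may describe an
            // authenticated-but-wrong user better; confirm with clients first.
            throw new HttpResponseException(HttpStatusCode.Unauthorized);
        }

        Console.WriteLine("Allowing it");
        return new object[0];
    }
}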
/// <summary>
/// Marks a target with the single identity name that is allowed to use it.
/// The value is stored as given; no validation is performed here.
/// </summary>
public class AuthorizeAttribute : Attribute
{
    // Backing store for Name; assigned once in the constructor.
    private readonly string _name;

    /// <summary>Creates the attribute with the required identity name.</summary>
    /// <param name="name">Identity name that must match for access to be granted.</param>
    public AuthorizeAttribute(string name)
    {
        this._name = name;
    }

    /// <summary>The identity name supplied at construction.</summary>
    public string Name
    {
        get { return this._name; }
    }

    // Role-based variant, currently disabled:
    /*
    private readonly string[] _roles;
    public string[] Roles { get { return _roles; } }
    public AuthorizeAttribute(string[] roles)
    {
    _roles = roles;
    }
    */
}
}