11-001 Security 之 Authorize

Posted on 2015-04-20 12:56 DotNet1010 阅读(148) 评论(0) 收藏举报

    public interface IAuthorizationRequirement {}

    public class DenyAnonymousAuthorizationRequirement : IAuthorizationRequirement { }

    public class ClaimsAuthorizationRequirement : IAuthorizationRequirement
    {
        public string ClaimType { get; set; }
        public IEnumerable<string> AllowedValues { get; set; }
    }




   public interface IAuthorizationHandler
    {
        Task HandleAsync(AuthorizationContext context);
    }

    public class PassThroughAuthorizationHandler : IAuthorizationHandler{}

   public abstract class AuthorizationHandler<TRequirement> : IAuthorizationHandler
                                   where TRequirement : IAuthorizationRequirement
  {
        public async Task HandleAsync(AuthorizationContext context)
        {
            foreach (var req in context.Policy.Requirements.OfType<TRequirement>())
            {
                if (await CheckAsync(context, req))
                {
                    context.Succeed(req);
                }
                else
                {
                    context.Fail();
                }
            }
        }

        public abstract Task<bool> CheckAsync(AuthorizationContext context, TRequirement requirement);
            
  }

  public class ClaimsAuthorizationHandler        : AuthorizationHandler<ClaimsAuthorizationRequirement>{}
  public class DenyAnonymousAuthorizationHandler : AuthorizationHandler<DenyAnonymousAuthorizationRequirement>

刷新页面返回顶部

.NET 程序员努力! 奋斗！

导航

公告

11-001 Security 之 Authorize

.NET 程序员 努力! 奋斗！

导航

公告

11-001 Security 之 Authorize

.NET 程序员努力! 奋斗！