Open-Harbor/dotnet-cqrs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

GQL Authorization Middleware implemented, will take care of controllers next.

Browse Source
This commit is contained in:
David Lebee
2021-02-04 21:00:24 -05:00
parent 45279da02b
commit 3e6c76ab18
9 changed files with 183 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Demo/Security/CommandAndQueryAuthorizationService.cs
+31
View File
@@ -0,0 +1,31 @@
using Microsoft.AspNetCore.Http;
using PoweredSoft.CQRS.Abstractions.Security;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
namespace Demo.Security
{
public class CommandAndQueryAuthorizationService : IQueryAuthorizationService, ICommandAuthorizationService
{
private readonly IHttpContextAccessor httpContextAccessor;
public CommandAndQueryAuthorizationService(IHttpContextAccessor httpContextAccessor)
{
this.httpContextAccessor = httpContextAccessor;
}
public Task<AuthorizationResult> IsAllowedAsync(Type queryOrCommandType, CancellationToken cancellationToken = default)
{
var authResult = httpContextAccessor.HttpContext.Request.Query["auth-result"].FirstOrDefault();
if (authResult == "Unauthorized")
return Task.FromResult(AuthorizationResult.Unauthorized);
else if (authResult == "Forbidden")
return Task.FromResult(AuthorizationResult.Forbidden);
return Task.FromResult(AuthorizationResult.Allowed);
}
}
}