Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
486 views
in Technique[技术] by (71.8m points)

c# - Use Authorization middleware instead of AuthorizationAttribute ASPNET Core

I have a dedicated IdServer running that has the login page that other applications will boot unauthenticated users to.

My current pipeline is:

app.UseCookieAuthentication
app.UseOpenIdConnectAuthentication
app.UseDefaultFiles // because it is a SPA app
app.UseStaticFiles // the SPA app

So all tutorials say to use [Authorize] on your controllers...

However, I want middle to authorize all of my controllers, and static files.

So how do I write a middleware to handle that.

My current setup is:

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IOptions<IdentityServerAppOptions> identityServerAppOptions)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    var serverAppOptions = identityServerAppOptions.Value;

    loggerFactory.CreateLogger("Configure").LogDebug("Identity Server Authority Configured: {0}", serverAppOptions.Authority);

    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationScheme = "Cookies"
    });
    app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
    {
        AuthenticationScheme = "oidc",
        SignInScheme = "Cookies",

        Authority = serverAppOptions.Authority,
        RequireHttpsMetadata = false,

        ClientId = "Video",
        SaveTokens = true
    });

    app.Use(async (context, next) =>
    {
        var authService = context.RequestServices.GetRequiredService<IAuthorizationService>();


        if (!await authService.AuthorizeAsync(context.User, context, "Api"))
        {
            // This is as far as I have got, here we should boot them to IdServer
        }
    });

    app.UseDefaultFiles(new DefaultFilesOptions
    {
        DefaultFileNames = new List<string> { "index.html" },
        RequestPath = new PathString("")
    });
    app.UseStaticFiles(new StaticFileOptions
    {
        OnPrepareResponse = ctx =>
        {
            ctx.Context.Response.Headers.Append("Cache-Control", "no-cache");
        }
    });
    app.UseMvc();
}
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Just needed to add the AuthenticationManager Challenge:

app.Use(async (context, next) =>
{
    var authService = context.RequestServices.GetRequiredService<IAuthorizationService>();


    if (!await authService.AuthorizeAsync(context.User, context, "Api"))
    {
        await context.Authentication.ChallengeAsync("oidc");
    }
    else
    {
        await next();
    }
});

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...