Fix AuthZ Regression (#6574)

2017-07-20 21:18:53 -07:00 · 2017-07-20 21:18:53 -07:00 · 36e24b7a31
parent 161b6e7b94
commit 36e24b7a31
2 changed files with 15 additions and 1 deletions
--- a/src/Microsoft.AspNetCore.Mvc.Core/Authorization/AuthorizeFilter.cs
+++ b/src/Microsoft.AspNetCore.Mvc.Core/Authorization/AuthorizeFilter.cs
@ -133,7 +133,7 @@ namespace Microsoft.AspNetCore.Mvc.Authorization
                return;
            }

-            var authorizeResult = await policyEvaluator.AuthorizeAsync(effectivePolicy, authenticateResult, context.HttpContext);
+            var authorizeResult = await policyEvaluator.AuthorizeAsync(effectivePolicy, authenticateResult, context.HttpContext, context);

            if (authorizeResult.Challenged)
            {
--- a/test/Microsoft.AspNetCore.Mvc.Core.Test/Authorization/AuthorizeFilterTest.cs
+++ b/test/Microsoft.AspNetCore.Mvc.Core.Test/Authorization/AuthorizeFilterTest.cs
@ -201,6 +201,20 @@ namespace Microsoft.AspNetCore.Mvc.Authorization
            Assert.Null(authorizationContext.Result);
        }

+        [Fact]
+        public async Task AuthZResourceShouldBeAuthorizationFilterContext()
+        {
+            // Arrange
+            var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAssertion(c => c.Resource is AuthorizationFilterContext).Build());
+            var authorizationContext = GetAuthorizationContext();
+
+            // Act
+            await authorizeFilter.OnAuthorizationAsync(authorizationContext);
+
+            // Assert
+            Assert.Null(authorizationContext.Result);
+        }
+
        [Fact]
        public async Task Invoke_RequireUnknownRoleShouldForbid()
        {