diff --git a/src/Microsoft.AspNetCore.Mvc.Core/Filters/AuthorizationFilterAttribute.cs b/src/Microsoft.AspNetCore.Mvc.Core/Filters/AuthorizationFilterAttribute.cs deleted file mode 100644 index 2f2eb5c9b6..0000000000 --- a/src/Microsoft.AspNetCore.Mvc.Core/Filters/AuthorizationFilterAttribute.cs +++ /dev/null @@ -1,53 +0,0 @@ -// Copyright (c) .NET Foundation. All rights reserved. -// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. - -using System; -using System.Linq; -using System.Threading.Tasks; -using Microsoft.AspNetCore.Mvc.Authorization; -using Microsoft.AspNetCore.Mvc.Internal; - -namespace Microsoft.AspNetCore.Mvc.Filters -{ - [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)] - public abstract class AuthorizationFilterAttribute : - Attribute, IAsyncAuthorizationFilter, IAuthorizationFilter, IOrderedFilter - { - public int Order { get; set; } - - public virtual Task OnAuthorizationAsync(AuthorizationFilterContext context) - { - if (context == null) - { - throw new ArgumentNullException(nameof(context)); - } - - OnAuthorization(context); - return TaskCache.CompletedTask; - } - - public virtual void OnAuthorization(AuthorizationFilterContext context) - { - } - - protected virtual bool HasAllowAnonymous(AuthorizationFilterContext context) - { - if (context == null) - { - throw new ArgumentNullException(nameof(context)); - } - - return context.Filters.Any(item => item is IAllowAnonymousFilter); - } - - protected virtual void Fail(AuthorizationFilterContext context) - { - if (context == null) - { - throw new ArgumentNullException(nameof(context)); - } - - context.Result = new UnauthorizedResult(); - } - } -} diff --git a/test/WebSites/FiltersWebSite/Filters/AuthorizeUserAttribute.cs b/test/WebSites/FiltersWebSite/Filters/AuthorizeUserAttribute.cs index 9af9ccca64..aff9a0d13d 100644 --- a/test/WebSites/FiltersWebSite/Filters/AuthorizeUserAttribute.cs +++ b/test/WebSites/FiltersWebSite/Filters/AuthorizeUserAttribute.cs @@ -1,6 +1,7 @@ // Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. +using System; using System.Reflection; using System.Security.Claims; using Microsoft.AspNetCore.Http; @@ -9,9 +10,9 @@ using Microsoft.AspNetCore.Mvc.Filters; namespace FiltersWebSite { - public class AuthorizeUserAttribute : AuthorizationFilterAttribute + public class AuthorizeUserAttribute : Attribute, IAuthorizationFilter { - public override void OnAuthorization(AuthorizationFilterContext context) + public virtual void OnAuthorization(AuthorizationFilterContext context) { var controllerActionDescriptor = (ControllerActionDescriptor)context.ActionDescriptor; if (controllerActionDescriptor.MethodInfo == diff --git a/test/WebSites/FiltersWebSite/Filters/BlockAnonymous.cs b/test/WebSites/FiltersWebSite/Filters/BlockAnonymous.cs index 2d61e58b0b..bc5707d2fa 100644 --- a/test/WebSites/FiltersWebSite/Filters/BlockAnonymous.cs +++ b/test/WebSites/FiltersWebSite/Filters/BlockAnonymous.cs @@ -1,13 +1,17 @@ // Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. +using System; +using System.Linq; +using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Mvc.Authorization; using Microsoft.AspNetCore.Mvc.Filters; namespace FiltersWebSite { - public class BlockAnonymous : AuthorizationFilterAttribute + public class BlockAnonymous : Attribute, IAuthorizationFilter { - public override void OnAuthorization(AuthorizationFilterContext context) + public void OnAuthorization(AuthorizationFilterContext context) { if (!HasAllowAnonymous(context)) { @@ -19,9 +23,20 @@ namespace FiltersWebSite if (userIsAnonymous) { - base.Fail(context); + context.Result = new UnauthorizedResult(); } } } + + private bool HasAllowAnonymous(AuthorizationFilterContext context) + { + if (context == null) + { + throw new ArgumentNullException(nameof(context)); + } + + return context.Filters.Any(item => item is IAllowAnonymousFilter); + } + } } \ No newline at end of file diff --git a/test/WebSites/FiltersWebSite/Filters/GlobalAuthorizationFilter.cs b/test/WebSites/FiltersWebSite/Filters/GlobalAuthorizationFilter.cs index 6cc3cba698..6ad76b5d57 100644 --- a/test/WebSites/FiltersWebSite/Filters/GlobalAuthorizationFilter.cs +++ b/test/WebSites/FiltersWebSite/Filters/GlobalAuthorizationFilter.cs @@ -1,6 +1,7 @@ // Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. +using System; using System.Reflection; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc.Controllers; @@ -8,9 +9,9 @@ using Microsoft.AspNetCore.Mvc.Filters; namespace FiltersWebSite { - public class GlobalAuthorizationFilter : AuthorizationFilterAttribute + public class GlobalAuthorizationFilter : Attribute, IAuthorizationFilter { - public override void OnAuthorization(AuthorizationFilterContext context) + public void OnAuthorization(AuthorizationFilterContext context) { var controllerActionDescriptor = (ControllerActionDescriptor)context.ActionDescriptor; if (controllerActionDescriptor.MethodInfo == diff --git a/test/WebSites/FiltersWebSite/Filters/ThrowingAuthorizationFilter.cs b/test/WebSites/FiltersWebSite/Filters/ThrowingAuthorizationFilter.cs index ef355630d4..1fba68673d 100644 --- a/test/WebSites/FiltersWebSite/Filters/ThrowingAuthorizationFilter.cs +++ b/test/WebSites/FiltersWebSite/Filters/ThrowingAuthorizationFilter.cs @@ -6,9 +6,9 @@ using Microsoft.AspNetCore.Mvc.Filters; namespace FiltersWebSite { - public class ThrowingAuthorizationFilter : AuthorizationFilterAttribute + public class ThrowingAuthorizationFilter : Attribute, IAuthorizationFilter { - public override void OnAuthorization(AuthorizationFilterContext context) + public void OnAuthorization(AuthorizationFilterContext context) { throw new InvalidProgramException("Authorization Filter Threw"); }