Add some basic logging to AuthZ/N
This commit is contained in:
parent
fd54c5af21
commit
e0464c9508
|
|
@ -104,6 +104,7 @@ namespace Microsoft.AspNet.Authentication
|
||||||
if (ticket?.Principal != null)
|
if (ticket?.Principal != null)
|
||||||
{
|
{
|
||||||
Context.User = SecurityHelper.MergeUserPrincipal(Context.User, ticket.Principal);
|
Context.User = SecurityHelper.MergeUserPrincipal(Context.User, ticket.Principal);
|
||||||
|
Logger.LogInformation(0, "HttContext.User merged via AutomaticAuthentication from authenticationScheme: {scheme}.", Options.AuthenticationScheme);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -209,11 +210,13 @@ namespace Microsoft.AspNet.Authentication
|
||||||
if (ticket?.Principal != null)
|
if (ticket?.Principal != null)
|
||||||
{
|
{
|
||||||
context.Authenticated(ticket.Principal, ticket.Properties.Items, Options.Description.Items);
|
context.Authenticated(ticket.Principal, ticket.Properties.Items, Options.Description.Items);
|
||||||
|
Logger.LogInformation(1, "AuthenticationScheme: {scheme} was successfully authenticated.", Options.AuthenticationScheme);
|
||||||
handled = true;
|
handled = true;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
context.NotAuthenticated();
|
context.NotAuthenticated();
|
||||||
|
Logger.LogVerbose(2, "AuthenticationScheme: {scheme} was not authenticated.", Options.AuthenticationScheme);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -241,6 +244,7 @@ namespace Microsoft.AspNet.Authentication
|
||||||
{
|
{
|
||||||
SignInAccepted = true;
|
SignInAccepted = true;
|
||||||
await HandleSignInAsync(context);
|
await HandleSignInAsync(context);
|
||||||
|
Logger.LogInformation(3, "AuthenticationScheme: {scheme} signed in.", Options.AuthenticationScheme);
|
||||||
context.Accept();
|
context.Accept();
|
||||||
}
|
}
|
||||||
else if (PriorHandler != null)
|
else if (PriorHandler != null)
|
||||||
|
|
@ -260,6 +264,7 @@ namespace Microsoft.AspNet.Authentication
|
||||||
{
|
{
|
||||||
SignOutAccepted = true;
|
SignOutAccepted = true;
|
||||||
await HandleSignOutAsync(context);
|
await HandleSignOutAsync(context);
|
||||||
|
Logger.LogInformation(4, "AuthenticationScheme: {scheme} signed out.", Options.AuthenticationScheme);
|
||||||
context.Accept();
|
context.Accept();
|
||||||
}
|
}
|
||||||
else if (PriorHandler != null)
|
else if (PriorHandler != null)
|
||||||
|
|
@ -310,9 +315,11 @@ namespace Microsoft.AspNet.Authentication
|
||||||
goto case ChallengeBehavior.Unauthorized;
|
goto case ChallengeBehavior.Unauthorized;
|
||||||
case ChallengeBehavior.Unauthorized:
|
case ChallengeBehavior.Unauthorized:
|
||||||
handled = await HandleUnauthorizedAsync(context);
|
handled = await HandleUnauthorizedAsync(context);
|
||||||
|
Logger.LogInformation(5, "AuthenticationScheme: {scheme} was challenged.", Options.AuthenticationScheme);
|
||||||
break;
|
break;
|
||||||
case ChallengeBehavior.Forbidden:
|
case ChallengeBehavior.Forbidden:
|
||||||
handled = await HandleForbiddenAsync(context);
|
handled = await HandleForbiddenAsync(context);
|
||||||
|
Logger.LogInformation(6, "AuthenticationScheme: {scheme} was forbidden.", Options.AuthenticationScheme);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
context.Accept();
|
context.Accept();
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,7 @@ using System.Collections.Generic;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
using Microsoft.Extensions.Logging;
|
||||||
using Microsoft.Extensions.OptionsModel;
|
using Microsoft.Extensions.OptionsModel;
|
||||||
|
|
||||||
namespace Microsoft.AspNet.Authorization
|
namespace Microsoft.AspNet.Authorization
|
||||||
|
|
@ -14,13 +15,29 @@ namespace Microsoft.AspNet.Authorization
|
||||||
{
|
{
|
||||||
private readonly IList<IAuthorizationHandler> _handlers;
|
private readonly IList<IAuthorizationHandler> _handlers;
|
||||||
private readonly AuthorizationOptions _options;
|
private readonly AuthorizationOptions _options;
|
||||||
|
private readonly ILogger _logger;
|
||||||
|
|
||||||
public DefaultAuthorizationService(IOptions<AuthorizationOptions> options, IEnumerable<IAuthorizationHandler> handlers)
|
public DefaultAuthorizationService(IOptions<AuthorizationOptions> options, IEnumerable<IAuthorizationHandler> handlers, ILogger<DefaultAuthorizationService> logger)
|
||||||
{
|
{
|
||||||
|
if (options == null)
|
||||||
|
{
|
||||||
|
throw new ArgumentNullException(nameof(options));
|
||||||
|
}
|
||||||
|
if (handlers == null)
|
||||||
|
{
|
||||||
|
throw new ArgumentNullException(nameof(handlers));
|
||||||
|
}
|
||||||
|
if (logger == null)
|
||||||
|
{
|
||||||
|
throw new ArgumentNullException(nameof(logger));
|
||||||
|
}
|
||||||
|
|
||||||
_handlers = handlers.ToArray();
|
_handlers = handlers.ToArray();
|
||||||
_options = options.Value;
|
_options = options.Value;
|
||||||
|
_logger = logger;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public async Task<bool> AuthorizeAsync(ClaimsPrincipal user, object resource, IEnumerable<IAuthorizationRequirement> requirements)
|
public async Task<bool> AuthorizeAsync(ClaimsPrincipal user, object resource, IEnumerable<IAuthorizationRequirement> requirements)
|
||||||
{
|
{
|
||||||
if (requirements == null)
|
if (requirements == null)
|
||||||
|
|
@ -33,7 +50,17 @@ namespace Microsoft.AspNet.Authorization
|
||||||
{
|
{
|
||||||
await handler.HandleAsync(authContext);
|
await handler.HandleAsync(authContext);
|
||||||
}
|
}
|
||||||
return authContext.HasSucceeded;
|
|
||||||
|
if (authContext.HasSucceeded)
|
||||||
|
{
|
||||||
|
_logger.LogInformation(0, "Authorization was successful for user: {userName}.", user?.Identity?.Name);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
_logger.LogInformation(1, "Authorization failed for user: {userName}.", user?.Identity?.Name);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public Task<bool> AuthorizeAsync(ClaimsPrincipal user, object resource, string policyName)
|
public Task<bool> AuthorizeAsync(ClaimsPrincipal user, object resource, string policyName)
|
||||||
|
|
|
||||||
|
|
@ -17,6 +17,7 @@ namespace Microsoft.AspNet.Authorization.Test
|
||||||
{
|
{
|
||||||
var services = new ServiceCollection();
|
var services = new ServiceCollection();
|
||||||
services.AddAuthorization();
|
services.AddAuthorization();
|
||||||
|
services.AddLogging();
|
||||||
if (setupServices != null)
|
if (setupServices != null)
|
||||||
{
|
{
|
||||||
setupServices(services);
|
setupServices(services);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue