huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add AllowAnonymous extension method on IEndpointConventionBuilder (#21909)

This commit is contained in:
Kahbazi 2020-05-19 04:12:13 +04:30 committed by GitHub
parent 5889c10914
commit eff4e4bf52
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 51 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/Security/Authorization/Policy/ref/Microsoft.AspNetCore.Authorization.Policy.netcoreapp.cs
View File

@ -44,6 +44,7 @@ namespace Microsoft.AspNetCore.Builder
}
public static partial class AuthorizationEndpointConventionBuilderExtensions
{
public static TBuilder AllowAnonymous<TBuilder>(this TBuilder builder) where TBuilder : Microsoft.AspNetCore.Builder.IEndpointConventionBuilder { throw null; }
public static TBuilder RequireAuthorization<TBuilder>(this TBuilder builder) where TBuilder : Microsoft.AspNetCore.Builder.IEndpointConventionBuilder { throw null; }
public static TBuilder RequireAuthorization<TBuilder>(this TBuilder builder, params Microsoft.AspNetCore.Authorization.IAuthorizeData[] authorizeData) where TBuilder : Microsoft.AspNetCore.Builder.IEndpointConventionBuilder { throw null; }
public static TBuilder RequireAuthorization<TBuilder>(this TBuilder builder, params string[] policyNames) where TBuilder : Microsoft.AspNetCore.Builder.IEndpointConventionBuilder { throw null; }

19
src/Security/Authorization/Policy/src/AuthorizationEndpointConventionBuilderExtensions.cs
View File

@ -13,6 +13,9 @@ namespace Microsoft.AspNetCore.Builder
/// </summary>
public static class AuthorizationEndpointConventionBuilderExtensions
{
private static readonly IAllowAnonymous _allowAnonymousMetadata = new AllowAnonymousAttribute();
/// <summary>
/// Adds the default authorization policy to the endpoint(s).
/// </summary>
@ -79,6 +82,22 @@ namespace Microsoft.AspNetCore.Builder
return builder;
}
/// <summary>
/// Allows anonymous access to the endpoint by adding <see cref="AllowAnonymousAttribute" /> to the endpoint metadata. This will bypass
/// all authorization checks for the endpoint including the default authorization policy and fallback authorization policy.
/// </summary>
/// <param name="builder">The endpoint convention builder.</param>
/// <returns>The original convention builder parameter.</returns>
public static TBuilder AllowAnonymous<TBuilder>(this TBuilder builder) where TBuilder : IEndpointConventionBuilder
{
builder.Add(endpointBuilder =>
{
endpointBuilder.Metadata.Add(_allowAnonymousMetadata);
});
return builder;
}
private static void RequireAuthorizationCore<TBuilder>(TBuilder builder, IEnumerable<IAuthorizeData> authorizeData)
where TBuilder : IEndpointConventionBuilder
{

31
src/Security/Authorization/test/AuthorizationEndpointConventionBuilderExtensionsTests.cs
View File

@ -121,6 +121,37 @@ namespace Microsoft.AspNetCore.Authorization.Test
Assert.True(chainedBuilder.TestProperty);
}
[Fact]
public void AllowAnonymous_Default()
{
// Arrange
var builder = new TestEndpointConventionBuilder();
// Act
builder.AllowAnonymous();
// Assert
var convention = Assert.Single(builder.Conventions);
var endpointModel = new RouteEndpointBuilder((context) => Task.CompletedTask, RoutePatternFactory.Parse("/"), 0);
convention(endpointModel);
Assert.IsAssignableFrom<IAllowAnonymous>(Assert.Single(endpointModel.Metadata));
}
[Fact]
public void AllowAnonymous_ChainedCall()
{
// Arrange
var builder = new TestEndpointConventionBuilder();
// Act
var chainedBuilder = builder.AllowAnonymous();
// Assert
Assert.True(chainedBuilder.TestProperty);
}
private class TestEndpointConventionBuilder : IEndpointConventionBuilder
{
public IList<Action<EndpointBuilder>> Conventions { get; } = new List<Action<EndpointBuilder>>();