AuthZFilter should call into Service more
This commit is contained in:
parent
15f113ddb1
commit
f54a964815
|
|
@ -39,7 +39,7 @@ namespace Microsoft.AspNetCore.Mvc.Authorization
|
||||||
public AuthorizationPolicy Policy { get; }
|
public AuthorizationPolicy Policy { get; }
|
||||||
|
|
||||||
/// <inheritdoc />
|
/// <inheritdoc />
|
||||||
public virtual async Task OnAuthorizationAsync(Filters.AuthorizationFilterContext context)
|
public virtual async Task OnAuthorizationAsync(AuthorizationFilterContext context)
|
||||||
{
|
{
|
||||||
if (context == null)
|
if (context == null)
|
||||||
{
|
{
|
||||||
|
|
@ -76,9 +76,7 @@ namespace Microsoft.AspNetCore.Mvc.Authorization
|
||||||
var authService = httpContext.RequestServices.GetRequiredService<IAuthorizationService>();
|
var authService = httpContext.RequestServices.GetRequiredService<IAuthorizationService>();
|
||||||
|
|
||||||
// Note: Default Anonymous User is new ClaimsPrincipal(new ClaimsIdentity())
|
// Note: Default Anonymous User is new ClaimsPrincipal(new ClaimsIdentity())
|
||||||
if (httpContext.User == null ||
|
if (!await authService.AuthorizeAsync(httpContext.User, context, Policy))
|
||||||
!httpContext.User.Identities.Any(i => i.IsAuthenticated) ||
|
|
||||||
!await authService.AuthorizeAsync(httpContext.User, context, Policy))
|
|
||||||
{
|
{
|
||||||
context.Result = new ChallengeResult(Policy.AuthenticationSchemes.ToArray());
|
context.Result = new ChallengeResult(Policy.AuthenticationSchemes.ToArray());
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -26,6 +26,35 @@ namespace Microsoft.AspNetCore.Mvc.Authorization
|
||||||
Assert.True(authorizationContext.HttpContext.User.Identities.Any(i => i.IsAuthenticated));
|
Assert.True(authorizationContext.HttpContext.User.Identities.Any(i => i.IsAuthenticated));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task AuthorizeFilterCanAuthorizeNonAuthenticatedUser()
|
||||||
|
{
|
||||||
|
// Arrange
|
||||||
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAssertion(_ => true).Build());
|
||||||
|
var authorizationContext = GetAuthorizationContext(services => services.AddAuthorization(), anonymous: true);
|
||||||
|
authorizationContext.HttpContext.User = new ClaimsPrincipal();
|
||||||
|
|
||||||
|
// Act
|
||||||
|
await authorizeFilter.OnAuthorizationAsync(authorizationContext);
|
||||||
|
|
||||||
|
// Assert
|
||||||
|
Assert.Null(authorizationContext.Result);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task AuthorizeFilterCanAuthorizeNullUser()
|
||||||
|
{
|
||||||
|
// Arrange
|
||||||
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireAssertion(_ => true).Build());
|
||||||
|
var authorizationContext = GetAuthorizationContext(services => services.AddAuthorization(), anonymous: true);
|
||||||
|
|
||||||
|
// Act
|
||||||
|
await authorizeFilter.OnAuthorizationAsync(authorizationContext);
|
||||||
|
|
||||||
|
// Assert
|
||||||
|
Assert.Null(authorizationContext.Result);
|
||||||
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public async Task Invoke_ValidClaimShouldNotFail()
|
public async Task Invoke_ValidClaimShouldNotFail()
|
||||||
{
|
{
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue