500内部服务器错误,带有基于策略的身份验证asp.net核心

时间:2018-08-05 05:05:03

标签: c# asp.net asp.net-mvc asp.net-core asp.net-core-mvc

我正在尝试在asp.net core 2.1中进行基于策略的身份验证。由于依赖项注入I,面临500个内部服务器错误。无法弄清楚如何解决问题。

services.AddAuthorization(auth =>
            {
                auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
                    .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme‌​)
                    .RequireAuthenticatedUser().Build());

                auth.AddPolicy("canRead",
                               policy => policy.Requirements.Add(new PermissionRequirement(PermissionEnum.Read)));
                auth.AddPolicy("canCreate",
                               policy => policy.Requirements.Add(new PermissionRequirement(PermissionEnum.Write)));
                auth.AddPolicy("canUpdate",
                               policy => policy.Requirements.Add(new PermissionRequirement(PermissionEnum.Update)));
                auth.AddPolicy("canDelete",
                               policy => policy.Requirements.Add(new PermissionRequirement(PermissionEnum.Delete)));
            });
            services.AddSingleton<IAuthorizationHandler, PermissionHandler>();

这是权限检查代码

public class PermissionRequirement : IAuthorizationRequirement
    {
        public PermissionEnum _permission { get; }
        public PermissionRequirement(PermissionEnum permission)
        {
            _permission = permission;
        }
    }

    public class PermissionHandler : AuthorizationHandler<PermissionRequirement>
    {

        private readonly IAdminUOW permissionRepository;

        public PermissionHandler(IAdminUOW permissionRepository)
        {
            this.permissionRepository = permissionRepository;
        }

        protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
        {
            if (context.User == null)
            {
                // no user authorizedd. Alternatively call context.Fail() to ensure a failure 
                // as another handler for this requirement may succeed
                context.Fail();
            }
            bool hasPermission = await permissionRepository.CheckPermissionForUser(new Guid(context.User.ToString()), requirement._permission);
            if (hasPermission)
            {
                context.Succeed(requirement);
            }

        }

权限枚举 

[Flags]
    public enum PermissionEnum
    {
        None = 0,
        Read = 0x001,
        Write = 0x010,
        Delete = 0x011,
        Update = 0x100,
        ReadWrite = Read | Write,
        FullControl = ReadWrite | Update | Delete
    }
}

该错误是由services.AddSingleton<IAuthorizationHandler, PermissionHandler>();引起的,但不知道我在做什么错。

任何人都可以让我知道如何解决此问题。

参考-https://stormpath.com/blog/tutorial-policy-based-authorization-asp-net-core

1 个答案:

答案 0 :(得分:0)

问题出在代码

替换下面的代码

services.AddSingleton<IAuthorizationHandler, PermissionHandler>();

具有以下代码

services.AddTransient<IAuthorizationHandler, PermissionHandler>();
相关问题
最新问题