如何从授权处理程序引用类

时间:2018-10-06 00:00:07

标签: c# asp.net-core

我有这个过滤器,我想引用一个类来使用它的方法。但是,我似乎无法在RoleVerificationHandler中使用它,甚至无法引用该方法。

这是在Startup.cs中的引用方式。我也不确定如何在这里注入类引用。

services.AddAuthorization(options =>
{
    options.AddPolicy("SystemAdministrator", policy => policy.Requirements.Add(new RolesFilter("SystemAdministrator", ApplicationGlobals.ApplicationName)));
});
services.AddSingleton<IAuthorizationHandler, RoleVerificationHandler>();

RolesFilter类

public class RolesFilter : IAuthorizationRequirement
{
    public String Role { get; set; }
    public String ApplicationName { get; set; }
    private DecodeToken decodeToken { get; set; }

    public RolesFilter(String Role,String ApplicationName, DecodeToken decodeToken)
    {
        this.Role = Role;
        this.ApplicationName = ApplicationName;
        this.decodeToken = decodeToken;
    }
}

public class RoleVerificationHandler : AuthorizationHandler<RolesFilter>
{
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RolesFilter requirement)
    {
        //get roles based on app id, then check if the user has the correct role
        var roles = context.User.Claims.Where(c => c.Type == "Roles").Select(c => c.Value).ToList();
        foreach(var item in roles)
        {
            var currentItem = JsonConvert.DeserializeObject<UserRoleDetailsViewModel>(item);
            UserRoleDetailsViewModel urdvm = new UserRoleDetailsViewModel
            {
                Id = currentItem.Id,
                Name = currentItem.Name,
                ApplicationId = currentItem.ApplicationId,
                ApplicationName = currentItem.ApplicationName
            };
            if(requirement.Role == urdvm.Name && urdvm.ApplicationName == ApplicationGlobals.ApplicationName)
            {
                context.Succeed(requirement);
            }

        }
        return Task.CompletedTask;
    }
}

1 个答案:

答案 0 :(得分:0)

通过构造函数注入将所需的依赖项明确注入RoleVerificationHandler中。

引用Dependency injection in requirement handlers in ASP.NET Core

  

授权处理程序必须在配置期间使用服务注入在服务集合中注册。   ..... 

services.AddSingleton<IMyDependency, MyDependency>();
services.AddSingleton<IAuthorizationHandler, RoleVerificationHandler>();
  

当您的应用程序启动时,将创建处理程序的实例,并且DI会将您注册的依赖项注入到处理程序的构造函数中。

public class RoleVerificationHandler : AuthorizationHandler<RolesFilter> {
    private readonly IMyDependency dependency;

    public RoleVerificationHandler(IMyDependency dependency) {
        this.dependency = dependency;
    }

    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RolesFilter requirement)
    {
        //get roles based on app id, then check if the user has the correct role
        var roles = context.User.Claims.Where(c => c.Type == "Roles").Select(c => c.Value).ToList();
        foreach(var item in roles) {
            var currentItem = JsonConvert.DeserializeObject<UserRoleDetailsViewModel>(item);
            UserRoleDetailsViewModel urdvm = new UserRoleDetailsViewModel {
                Id = currentItem.Id,
                Name = currentItem.Name,
                ApplicationId = currentItem.ApplicationId,
                ApplicationName = currentItem.ApplicationName
            };
            if(requirement.Role == urdvm.Name && urdvm.ApplicationName == ApplicationGlobals.ApplicationName) {
                context.Succeed(requirement);
            }    
        }
        return Task.CompletedTask;
    }
}
相关问题
最新问题