зеркало из https://github.com/aspnet/Routing.git
60 строки
2.0 KiB
C#
60 строки
2.0 KiB
C#
// Copyright (c) .NET Foundation. All rights reserved.
|
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
|
|
|
using System;
|
|
using System.Collections.Generic;
|
|
using System.Linq;
|
|
using System.Threading.Tasks;
|
|
using Microsoft.AspNetCore.Http;
|
|
using Microsoft.AspNetCore.Http.Features;
|
|
using Microsoft.Extensions.Logging;
|
|
using Microsoft.Extensions.Primitives;
|
|
|
|
namespace RoutingSample.Web.AuthorizationMiddleware
|
|
{
|
|
public class AuthorizationMiddleware
|
|
{
|
|
private readonly ILogger _logger;
|
|
private readonly RequestDelegate _next;
|
|
|
|
public AuthorizationMiddleware(ILogger<AuthorizationMiddleware> logger, RequestDelegate next)
|
|
{
|
|
if (logger == null)
|
|
{
|
|
throw new ArgumentNullException(nameof(logger));
|
|
}
|
|
|
|
if (next == null)
|
|
{
|
|
throw new ArgumentNullException(nameof(next));
|
|
}
|
|
|
|
_logger = logger;
|
|
_next = next;
|
|
}
|
|
|
|
public async Task Invoke(HttpContext httpContext)
|
|
{
|
|
var endpoint = httpContext.Features.Get<IEndpointFeature>()?.Endpoint;
|
|
if (endpoint != null)
|
|
{
|
|
var metadata = endpoint.Metadata.GetMetadata<AuthorizationMetadata>();
|
|
// Only run authorization if endpoint has metadata
|
|
if (metadata != null)
|
|
{
|
|
if (!httpContext.Request.Query.TryGetValue("x-role", out var role) ||
|
|
!metadata.Roles.Contains(role.ToString()))
|
|
{
|
|
httpContext.Response.StatusCode = 401;
|
|
httpContext.Response.ContentType = "text/plain";
|
|
await httpContext.Response.WriteAsync($"Unauthorized access to '{endpoint.DisplayName}'.");
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
|
|
await _next(httpContext);
|
|
}
|
|
}
|
|
}
|