| | | 1 | | using JetBrains.Annotations; |
| | | 2 | | using Microsoft.AspNetCore.Authorization; |
| | | 3 | | |
| | | 4 | | namespace Elsa.Http.Handlers; |
| | | 5 | | |
/// <summary>
/// An <see cref="IHttpEndpointAuthorizationHandler"/> that only admits authenticated callers and, when the endpoint
/// specifies a policy, uses the <see cref="IAuthorizationService"/> to make the final authorization decision.
/// </summary>
/// <remarks>
/// The handler fails closed: a request whose principal has no identity, or whose identity is not authenticated, is
/// rejected before any policy is consulted. When no policy is configured, being authenticated is the only
/// requirement, so every authenticated caller is allowed through.
/// </remarks>
[PublicAPI]
public class AuthenticationBasedHttpEndpointAuthorizationHandler : IHttpEndpointAuthorizationHandler
{
    private readonly IAuthorizationService _authorizationService;

    /// <summary>
    /// Initializes a new instance of the <see cref="AuthenticationBasedHttpEndpointAuthorizationHandler"/> class.
    /// </summary>
    /// <param name="authorizationService">The service used to evaluate the endpoint's named policy.</param>
    public AuthenticationBasedHttpEndpointAuthorizationHandler(IAuthorizationService authorizationService)
    {
        _authorizationService = authorizationService;
    }

    /// <inheritdoc />
    // NOTE(review): the coverage listing this file was captured from appears to show 0 hits for every statement
    // in this method; the deny and allow paths below deserve direct tests.
    public async ValueTask<bool> AuthorizeAsync(AuthorizeHttpEndpointContext context)
    {
        var principal = context.HttpContext.User;
        var identity = principal.Identity;

        // Deny by default: no identity, or an unauthenticated one, never reaches policy evaluation.
        if (identity == null || identity.IsAuthenticated == false)
        {
            return false;
        }

        var policyName = context.Policy;

        // Without a policy, authentication (already verified above) is the only requirement.
        if (string.IsNullOrWhiteSpace(policyName))
        {
            return identity.IsAuthenticated;
        }

        // The workflow is handed to the policy as the protected resource, wrapped in an anonymous object.
        // NOTE(review): anonymous types are compiler-generated, so policy handlers presumably cannot match on
        // this resource's type and must inspect it dynamically; confirm against the registered handlers.
        var resource = new { context.Workflow };
        var outcome = await _authorizationService.AuthorizeAsync(principal, resource, policyName!);

        return outcome.Succeeded;
    }
}