ChrisChen/Church.Net.API
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Church.Net.API/WebAPI/Handlers/BasicAuthorizationMiddlewareResultHandler.cs
Chris Chen b33c0d8286 Update API
2022-09-30 09:40:42 -07:00

44 lines
1.6 KiB
C#
Raw Blame History

namespace WebAPI.Handlers
{
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Authorization.Policy;
using Microsoft.AspNetCore.Http;
using System.Linq;
using System.Threading.Tasks;
public class BasicAuthorizationMiddlewareResultHandler : IAuthorizationMiddlewareResultHandler
{
private readonly AuthorizationMiddlewareResultHandler defaultHandler = new();
public async Task HandleAsync(
RequestDelegate next,
HttpContext context,
AuthorizationPolicy policy,
PolicyAuthorizationResult authorizeResult)
{
// If the authorization was forbidden and the resource had a specific requirement,
// provide a custom 404 response.
if (authorizeResult.Forbidden
&& authorizeResult.AuthorizationFailure!.FailedRequirements
.OfType<Show404Requirement>().Any())
{
// Return a 404 to make it appear as if the resource doesn't exist.
context.Response.StatusCode = StatusCodes.Status404NotFound;
return;
}
if (string.IsNullOrWhiteSpace(context.Request.Headers["accessToken"]))
{
context.Response.StatusCode = StatusCodes.Status401Unauthorized;
return;
}
// Fall back to the default implementation.
//await defaultHandler.HandleAsync(next, context, policy, authorizeResult);
await next(context);
}
}
public class Show404Requirement : IAuthorizationRequirement { }
}
Reference in New Issue View Git Blame Copy Permalink