MediatR.RequestAuthorization
2.0.1
dotnet add package MediatR.RequestAuthorization --version 2.0.1
NuGet\Install-Package MediatR.RequestAuthorization -Version 2.0.1
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="MediatR.RequestAuthorization" Version="2.0.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="MediatR.RequestAuthorization" Version="2.0.1" />
<PackageReference Include="MediatR.RequestAuthorization" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add MediatR.RequestAuthorization --version 2.0.1
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: MediatR.RequestAuthorization, 2.0.1"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#addin nuget:?package=MediatR.RequestAuthorization&version=2.0.1
#tool nuget:?package=MediatR.RequestAuthorization&version=2.0.1
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
MediatR.RequestAuthorization
Authorization rules for MediatR. This library uses pipline behavior IPipelineBehavior<,> in mediator middleware.
Installing MediatR.RequestAuthorization
You should install MediatR.RequestAuthorization with NuGet:
Install-Package MediatR.RequestAuthorization
Or via the .NET Core command line interface:
dotnet add package MediatR.RequestAuthorization
Implement IUserContext and register it on DI container
Simple implementation for aspnetcore:
public class HttpUserContext : IUserContext
{
public IHttpContextAccessor Http { get; }
public HttpUserContext(IHttpContextAccessor http)
{
Http = http;
User = http?.HttpContext?.User;
}
public virtual string? ExtraAttribute(string key)
{
return null;
}
public ClaimsPrincipal? User { get; }
public string? Id
{
get
{
if (User?.Identity != null && User.Identity.IsAuthenticated)
{
return User.Claims.FirstOrDefault(p => p.Type == ClaimTypes.NameIdentifier)?.Value ?? User.Claims.FirstOrDefault(p => p.Type == "sub")?.Value;
}
return null;
}
}
public string Name => User?.Identity.Name;
public bool IsAuthenticated => User?.Identity != null && User.Identity.IsAuthenticated;
public virtual string? ClaimValue(string claimType)
{
return User?.Claims?.FirstOrDefault(p => p.Type == claimType)?.Value;
}
public virtual bool HasClaim(string type, string value)
{
return User?.HasClaim(type, value) ?? false;
}
public virtual bool HasClaim(Predicate<Claim> match)
{
return User?.HasClaim(match) ?? false;
}
}
Add IAuthorizationRule<YourQueryOrCommand> to your DI container
services.AddTrancient<IAuthorizationRule<YourQueryOrCommand>,MySecurityRuleImplementation>();
Register behavior IAuthorizationRule<YourQueryOrCommand> to your DI container
services.AddMediatR(cfg =>
{
cfg.RegisterServicesFromAssemblies(coreAsms); // all core handlers
cfg.AddOpenBehavior(typeof(RequestAuthorizationBehavior<,>)); // enable security
});
Common usage (Example):
Define authorization rule for your IRequest impl class
//your IRequest class
public class GetProfileQuery:IRequest<UserProfile>
{
}
// your IAuthorizationRule class
class GetProfileQuerySecurityRule:IAuthorizationRule<GetProfileQuery>
{
private readonly ISomeService _someService;
public GetProfileQuerySecurityRule(ISomeService someService)
{
_someService = someService;
}
public Task Authorize(TRequest request, IUserContext userContext, CancellationToken cancellationToken)
{
if(userContext.IsAuthenticated)
{
return SecurltyResult.Ok();
}
return SecurityResult.AnonimousUser(request);
}
}
SecurityResult is a static helper class, that wraps throwing Exceptions
AccessDeniedException is a helper Exception class. You may use your own exceptions.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. |
| .NET Core | netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
| .NET Standard | netstandard2.1 is compatible. |
| MonoAndroid | monoandroid was computed. |
| MonoMac | monomac was computed. |
| MonoTouch | monotouch was computed. |
| Tizen | tizen60 was computed. |
| Xamarin.iOS | xamarinios was computed. |
| Xamarin.Mac | xamarinmac was computed. |
| Xamarin.TVOS | xamarintvos was computed. |
| Xamarin.WatchOS | xamarinwatchos was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
.NETStandard 2.1
- MediatR (>= 12.5.0)
NuGet packages (1)
Showing the top 1 NuGet packages that depend on MediatR.RequestAuthorization:
| Package | Downloads |
|---|---|
|
MediatR.RequestAuthorization.AspNetCore
Authorization behaviour for MediatR. Extensions for Microsoft.DependencyInjection |
GitHub repositories
This package is not used by any popular GitHub repositories.