OperationTypeAspNetCoreAuthorization 1.0.0
dotnet add package OperationTypeAspNetCoreAuthorization --version 1.0.0
NuGet\Install-Package OperationTypeAspNetCoreAuthorization -Version 1.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="OperationTypeAspNetCoreAuthorization" Version="1.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add OperationTypeAspNetCoreAuthorization --version 1.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: OperationTypeAspNetCoreAuthorization, 1.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install OperationTypeAspNetCoreAuthorization as a Cake Addin
#addin nuget:?package=OperationTypeAspNetCoreAuthorization&version=1.0.0
// Install OperationTypeAspNetCoreAuthorization as a Cake Tool
#tool nuget:?package=OperationTypeAspNetCoreAuthorization&version=1.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
OperationTypeAspNetCoreAuthorization
ASP.NET Core supports Role-based authorization by using AuthorizeAttribute:
[Authorize(Roles = "HRManager,Finance")]
public class SalaryController : Controller
{
public IActionResult Payslip() =>
Content("HRManager || Finance");
}
Roles are hardcoded and can't be changed at runtime. OperationTypeAttribute derives from AuthorizeAttribute, it specifies an operation type for actions and allows to configure authorization dynamically:
public class SalaryController : Controller
{
[OperationType("View Payslip")]
public IActionResult Payslip() =>
Content("HRManager || Finance");
}
OperationTypeAttribute checks if there is an AllowedOperationType claim with the value of View Payslip in jwt token to determine whether the user can access the action.
The authorization data can be saved in database:
foreach (var item in allowed-operation-types ?? new string[0])
{
await _roleManager.AddClaimAsync(role, new System.Security.Claims.Claim(ClaimTypes.AllowedOperationType, item));
}
When the user is logging in, add claims loaded from database into the jwt token:
[HttpPost("login")]
public async Task<IActionResult> Login(LoginArgs model)
{
// ...
var result = await _signInManager.PasswordSignInAsync(model.UserName, model.Password, false, lockoutOnFailure: false);
if (result.Succeeded)
{
ApplicationUser user = await _userManager.FindByNameAsync(model.UserName);
var roles = await _userManager.GetRolesAsync(user);
var claims = new List<Claim>
{
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.NameIdentifier, user.Id, ClaimValueTypes.String),
new Claim(ClaimTypes.Name, user.UserName),
};
// add user claims loaded from database
claims.AddRange(await _userManager.GetClaimsAsync(user));
foreach (var role in roles)
{
claims.Add(new Claim(ClaimTypes.Role, role));
ApplicationRole appRole = await _roleManager.FindByNameAsync(role);
// adds role claims loaded from database
claims.AddRange(await _roleManager.GetClaimsAsync(appRole));
}
var jwt = GenerateToken(claims);
return Ok(new
{
status = "ok",
token = jwt,
tokenExpiry = 60,
refreshToken = user.RefreshToken,
type = "Bearer",
userName = user.UserName,
currentAuthority = roles
});
}
return Ok(new
{
status = "error",
message = "..."
});
}
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net6.0
- No dependencies.
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
| Version | Downloads | Last updated |
|---|---|---|
| 1.0.0 | 224 | 6/20/2022 |