OperationTypeAspNetCoreAuthorization 1.0.0
dotnet add package OperationTypeAspNetCoreAuthorization --version 1.0.0
NuGet\Install-Package OperationTypeAspNetCoreAuthorization -Version 1.0.0
<PackageReference Include="OperationTypeAspNetCoreAuthorization" Version="1.0.0" />
paket add OperationTypeAspNetCoreAuthorization --version 1.0.0
#r "nuget: OperationTypeAspNetCoreAuthorization, 1.0.0"
// Install OperationTypeAspNetCoreAuthorization as a Cake Addin
#addin nuget:?package=OperationTypeAspNetCoreAuthorization&version=1.0.0
// Install OperationTypeAspNetCoreAuthorization as a Cake Tool
#tool nuget:?package=OperationTypeAspNetCoreAuthorization&version=1.0.0
OperationTypeAspNetCoreAuthorization
ASP.NET Core supports Role-based authorization by using AuthorizeAttribute:
```csharp
[Authorize(Roles = "HRManager,Finance")]
public class SalaryController : Controller
{
    public IActionResult Payslip() =>
        Content("HRManager || Finance");
}
```
Roles are hardcoded and can't be changed at runtime. OperationTypeAttribute derives from AuthorizeAttribute; it specifies an operation type for actions and allows authorization to be configured dynamically:
```csharp
public class SalaryController : Controller
{
    [OperationType("View Payslip")]
    public IActionResult Payslip() =>
        Content("HRManager || Finance");
}
```
OperationTypeAttribute checks whether the JWT contains an AllowedOperationType claim with the value View Payslip to determine whether the user can access the action.
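One way such an attribute could implement the check described above, as an added sketch that is not the package's source. The class name `RequireOperationTypeAttribute` and the claim type string `"AllowedOperationType"` are assumptions.

```csharp
using System;
using System.Linq;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;

// Hypothetical sketch: requires an "AllowedOperationType" claim whose value
// equals the operation type declared on the action or controller.
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public sealed class RequireOperationTypeAttribute : AuthorizeAttribute, IAuthorizationFilter
{
    // Assumed claim type string; the page's code refers to it as
    // ClaimTypes.AllowedOperationType without showing its value.
    public const string ClaimType = "AllowedOperationType";

    public string OperationType { get; }

    public RequireOperationTypeAttribute(string operationType) =>
        OperationType = operationType ?? throw new ArgumentNullException(nameof(operationType));

    public void OnAuthorization(AuthorizationFilterContext context)
    {
        // Respect [AllowAnonymous] on the action or controller.
        if (context.ActionDescriptor.EndpointMetadata.OfType<IAllowAnonymous>().Any())
            return;

        var user = context.HttpContext.User;
        if (user.Identity?.IsAuthenticated != true)
        {
            context.Result = new ChallengeResult(); // no valid token: 401
            return;
        }

        // Ordinal, case-sensitive match: "view payslip" must not satisfy "View Payslip".
        bool allowed = user.Claims.Any(c =>
            c.Type == ClaimType &&
            string.Equals(c.Value, OperationType, StringComparison.Ordinal));

        if (!allowed)
            context.Result = new ForbidResult(); // authenticated but not permitted: 403
    }
}
```

Because the check reads claims from the token rather than from the database, removing an operation type from a role takes effect only once the user's current token expires and a new one is issued.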
The authorization data can be saved in the database:
```csharp
// allowedOperationTypes: the operation types granted to this role (may be null)
foreach (var item in allowedOperationTypes ?? new string[0])
{
    await _roleManager.AddClaimAsync(role, new System.Security.Claims.Claim(ClaimTypes.AllowedOperationType, item));
}
```
When the user logs in, add the claims loaded from the database to the JWT:
```csharp
[HttpPost("login")]
public async Task<IActionResult> Login(LoginArgs model)
{
    // ...
    // lockoutOnFailure: false means failed attempts do not count toward account lockout
    var result = await _signInManager.PasswordSignInAsync(model.UserName, model.Password, false, lockoutOnFailure: false);
    if (result.Succeeded)
    {
        ApplicationUser user = await _userManager.FindByNameAsync(model.UserName);
        var roles = await _userManager.GetRolesAsync(user);
        var claims = new List<Claim>
        {
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            new Claim(ClaimTypes.NameIdentifier, user.Id, ClaimValueTypes.String),
            new Claim(ClaimTypes.Name, user.UserName),
        };
        // add user claims loaded from the database
        claims.AddRange(await _userManager.GetClaimsAsync(user));
        foreach (var role in roles)
        {
            claims.Add(new Claim(ClaimTypes.Role, role));
            ApplicationRole appRole = await _roleManager.FindByNameAsync(role);
            // add role claims loaded from the database (including AllowedOperationType claims)
            claims.AddRange(await _roleManager.GetClaimsAsync(appRole));
        }
        // GenerateToken is the application's own JWT helper (not shown on this page)
        var jwt = GenerateToken(claims);
        return Ok(new
        {
            status = "ok",
            token = jwt,
            tokenExpiry = 60,
            refreshToken = user.RefreshToken,
            type = "Bearer",
            userName = user.UserName,
            currentAuthority = roles
        });
    }
    return Ok(new
    {
        status = "error",
        message = "..."
    });
}
```
Product | Versions (compatible and additional computed target framework versions) |
---|---|
.NET | net6.0 is compatible. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
- net6.0
  - No dependencies.
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last updated |
---|---|---|
1.0.0 | 224 | 6/20/2022 |