dotnet/aspnetcore
Voir sur GitHub[Refactoring] Move local authz policies to global authz policies
Open
#45 220 ouverte le 21 nov. 2022
analyzerarea-authhelp wanted
Métriques du dépôt
- Stars
- (37 933 stars)
- Métriques de merge PR
- (Merge moyen 16j 9h) (258 PRs mergées en 30 j)
Description
Background and Motivation
In .NET 7, we introduced the RequireAuthorization extension method that allowed a user to construct and add an authorization policy onto an endpoint with on invocation. There are scenarios were users would want to factor these policies out to from endpoint-specific (local) to global policies on the application.
Proposed Refactoring
Refactoring Behavior and Message
When right-clicking on a line of code with a RequireAuthorization option the refactoring will be provided with the following message:
Convert to global authorization policy
Usage Scenarios
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthorization();
var app = builder.Build();
app.UseAuthorization();
app.MapGet("/", () => "Hello world!")
.RequireAuthorization(policy => p.RequireClaim("scope", "api-access")));
app.Run();