dotnet/aspnetcore

[Refactoring] Move local authz policies to global authz policies

Open

#45,220 opened on 2022年11月21日

GitHub で見る
 (3 comments) (0 reactions) (0 assignees)C# (10,653 forks)batch import
analyzerarea-authhelp wanted

Repository metrics

Stars
 (37,933 stars)
PR merge metrics
 (平均マージ 16d 9h) (30d で 258 merged PRs)

説明

Background and Motivation

In .NET 7, we introduced the RequireAuthorization extension method that allowed a user to construct and add an authorization policy onto an endpoint with on invocation. There are scenarios were users would want to factor these policies out to from endpoint-specific (local) to global policies on the application.

Proposed Refactoring

Refactoring Behavior and Message

When right-clicking on a line of code with a RequireAuthorization option the refactoring will be provided with the following message:

Convert to global authorization policy

Usage Scenarios

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddAuthorization();

var app = builder.Build();

app.UseAuthorization();

app.MapGet("/", () => "Hello world!")
  .RequireAuthorization(policy => p.RequireClaim("scope", "api-access")));

app.Run();

コントリビューターガイド