dotnet/aspnetcore

[Refactoring] Move local authz policies to global authz policies

Open

#45.220 aberto em 21 de nov. de 2022

Ver no GitHub
 (3 comments) (0 reactions) (0 assignees)C# (10.653 forks)batch import
analyzerarea-authhelp wanted

Métricas do repositório

Stars
 (37.933 stars)
Métricas de merge de PR
 (Mesclagem média 16d 9h) (258 fundiu PRs em 30d)

Description

Background and Motivation

In .NET 7, we introduced the RequireAuthorization extension method that allowed a user to construct and add an authorization policy onto an endpoint with on invocation. There are scenarios were users would want to factor these policies out to from endpoint-specific (local) to global policies on the application.

Proposed Refactoring

Refactoring Behavior and Message

When right-clicking on a line of code with a RequireAuthorization option the refactoring will be provided with the following message:

Convert to global authorization policy

Usage Scenarios

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddAuthorization();

var app = builder.Build();

app.UseAuthorization();

app.MapGet("/", () => "Hello world!")
  .RequireAuthorization(policy => p.RequireClaim("scope", "api-access")));

app.Run();

Guia do colaborador