Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to access current HttpContext in ASP.NET Core 2 Custom Policy-Based Authorization with AuthorizationHandlerContext

Tags:

c#

asp.net-core

.net-core

asp.net-core-2.0

How can I access current HttpContext to check for route and parameters inside AuthorizationHandlerContext of Custom Policy-Based Authorization inside ASP.NET Core 2?

Ref example: Custom Policy-Based Authorization

like image 564
Hrvoje Kusulja Avatar asked Dec 14 '17 09:12

Hrvoje Kusulja

People also ask

How do I find HttpContext current?

If you're writing custom middleware for the ASP.NET Core pipeline, the current request's HttpContext is passed into your Invoke method automatically: public Task Invoke(HttpContext context) { // Do something with the current HTTP context... }

How use HttpContext current in .NET Core?

ASP.NET Core apps access HttpContext through the IHttpContextAccessor interface and its default implementation HttpContextAccessor. It's only necessary to use IHttpContextAccessor when you need access to the HttpContext inside a service.

How would you apply an authorization policy to a controller in an ASP.NET Core application?

Role-Based Authorization in ASP.NET Core You can specify what roles are authorized to access a specific resource by using the [Authorize] attribute. You can even declare them in such a way that the authorization evaluates at the controller level, action level, or even at a global level. Let's take Slack as an example.

1 Answers

You should inject an instance of an IHttpContextAccessor into your AuthorizationHandler.

In the context of your example, this may look like the following:

public class BadgeEntryHandler : AuthorizationHandler<EnterBuildingRequirement> {     IHttpContextAccessor _httpContextAccessor = null;      public BadgeEntryHandler(IHttpContextAccessor httpContextAccessor)     {         _httpContextAccessor = httpContextAccessor;     }      protected override Task HandleRequirementAsync(         AuthorizationContext context,          EnterBuildingRequirement requirement)     {         HttpContext httpContext = _httpContextAccessor.HttpContext; // Access context here          if (context.User.HasClaim(c => c.Type == ClaimTypes.BadgeId &&                                        c.Issuer == "http://microsoftsecurity"))         {             context.Succeed(requirement);             return Task.FromResult(0);         }     } }

You may need to register this in your DI setup (if one of your dependencies has not already), as follows:

services.AddHttpContextAccessor();
like image 194
SpruceMoose Avatar answered Oct 01 '22 16:10

SpruceMoose
Sign in to Comment

Related questions

Thread safety of a Dictionary<TKey, TValue>
Read typed objects from XML using known XSD
Capture screenshot Including Semitransparent windows in .NET
How to generate WPF controls automatically based on XML file?
Difference between list.First(), list.ElementAt(0) and list[0]?
Querying Datatable with where condition
In C#, how can I detect if a character is a non-ASCII character?
Algorithm for implementing C# yield statement
Is there a nice way to split an int into two shorts (.NET)?
Why does my C# gzip produce a larger file than Fiddler or PHP?
Find closest location with longitude and latitude
How to cast or convert List of objects to queue of objects
Very large collection in .Net causes out-of-memory exception
Disable screen from autolocking on Windows Phone 7
How to generate a PNG file with C#?
How to get a Task that uses SynchronizationContext? And how are SynchronizationContext used anyway?
Remove $ from .ToString("{0:C}") formatted number
Enable copy, cut, past window in a rich text box
Why is converting between string and float wrong?
RestSharp get full URL of a request

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!