Bah*_*iei 5 c# authorization routedata .net-core .net-core-3.0
我已将 dotnet core 2.2 升级到 3.preview 7。
因此之后,我无法获取自定义属性。
context.Resource在版本 2.2 中是类型 of AuthorizationFilterContext,但在版本 3 中是类型 of Microsoft.AspNetCore.Http.Endpoint。
现在我无法从端点获取属性。
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.Controllers;
using Microsoft.AspNetCore.Mvc.Filters;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Threading.Tasks;
namespace Gamma.Core.Security
{
public abstract class AttributeAuthorizationHandler<TRequirement, TAttribute>
: AuthorizationHandler<TRequirement> where TRequirement
: IAuthorizationRequirement where TAttribute : Attribute
{
Microsoft.AspNetCore.Http.IHttpContextAccessor _httpContextAccessor = null;
public AttributeAuthorizationHandler(Microsoft.AspNetCore.Http.IHttpContextAccessor httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor;
}
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, TRequirement requirement)
{
var attributes = new List<TAttribute>();
var action = (context.Resource as AuthorizationFilterContext)?.ActionDescriptor as ControllerActionDescriptor;
if (context.Resource is Microsoft.AspNetCore.Http.Endpoint endpoint)
{
//endpoint.
}
if (action != null)
{
attributes.AddRange(GetAttributes(action.MethodInfo));
}
return HandleRequirementAsync(context, requirement, attributes);
}
protected abstract Task HandleRequirementAsync(AuthorizationHandlerContext context, TRequirement requirement, IEnumerable<TAttribute> attributes);
private static IEnumerable<TAttribute> GetAttributes(MemberInfo memberInfo)
{
return memberInfo.GetCustomAttributes(typeof(TAttribute), false).Cast<TAttribute>();
}
}
}
我能够通过在Brian 的回答AuthorizationHandlerContext中使用来获取 .NET Core 3.1 中的自定义属性。ControllerActionDescriptor
private IEnumerable<TAttribute> GetAttributes<TAttribute>(AuthorizationHandlerContext authContext)
{
if (authContext.Resource is RouteEndpoint routeEndpoint)
{
var actionDescriptor = routeEndpoint.Metadata.OfType<ControllerActionDescriptor>().SingleOrDefault();
var attributes = actionDescriptor?.MethodInfo.GetCustomAttributes(typeof(TAttribute), false).Cast<TAttribute>();
return attributes;
}
return null;
}
尚未找到答案,但这可能会有所帮助:
https://learn.microsoft.com/en-us/aspnet/core/security/authorization/policies?view=aspnetcore-3.0有一个部分“在处理程序中访问 MVC 请求上下文”,但这是错误的。
然而,在“反馈”下,他们的 2 个问题看起来与最有希望的答案相关,即将下面的代码添加到AuthorizationHandler.
这可以访问controllerActionDescriptor,但正如你所看到的,我已经查看了各种属性,但没有一个属性给我当前的路由数据:
var controllerActionDescriptor = routeEndpoint.Metadata
.OfType<ControllerActionDescriptor>()
.SingleOrDefault();
if (controllerActionDescriptor != null)
{
var a = controllerActionDescriptor.AttributeRouteInfo;
var p = controllerActionDescriptor.Parameters;
var ep = controllerActionDescriptor.EndpointMetadata;
var r = controllerActionDescriptor.RouteValues;
}
| 归档时间: |
|
| 查看次数: |
3751 次 |
| 最近记录: |