Blazor AuthorizeView：如何使用自定义授权筛选器

Question

Blazor AuthorizeView：如何使用自定义授权筛选器

Tom*_*man 5 c# authorization razor blazor blazor-boilerplate

我正在使用 Blazor Boilerplate 中的代码：( BlazorBoilerPlate GitHub )

@using Microsoft.AspNetCore.Components
@inject NavigationManager navigationManager
@inject AuthenticationStateProvider authStateProvider

<AuthorizeView Context="AuthorizeContext">
<Authorized>
    <MatTooltip Tooltip="Logout">
        <MatIconButton Icon="exit_to_app" RefBack="@context" OnClick="LogoutClick"></MatIconButton>
    </MatTooltip>
</Authorized>
<NotAuthorized>
    <MatTooltip Tooltip="Login">
        <MatIconButton Icon="account_box" RefBack="@context" Link="/account/login"></MatIconButton>
    </MatTooltip>
</NotAuthorized>

Run Code Online (Sandbox Code Playgroud)

@code {
     async Task LogoutClick()
     {
          await ((IdentityAuthenticationStateProvider)authStateProvider).Logout();
     navigationManager.NavigateTo("/account/login");
     }
}

Run Code Online (Sandbox Code Playgroud)

“AuthorizeContext”从哪里来？依赖注入？我如何在此处使用我自己的自定义授权过滤器。

只是寻找任何人都知道的关于这个特定论点的猜测或信息。

这是我的自定义 AuthorizationFilter，我不知道如何在 blazor razor 文件中使用它。

namespace BlazorBoilerplate.Shared.AuthorizationDefinitions

Run Code Online (Sandbox Code Playgroud)

{ 公共类 OfficeAuthorize : IAuthorizationFilter { 私有只读字符串 _scenario;

    public OfficeAuthorize(string scenario)
    {
        _scenario = scenario;
    }

    public void OnAuthorization(AuthorizationFilterContext context)
    {
        //context.HttpContext.Request.Query
        //custom validation rule
        if (_scenario == "OfficeAssignment")
        {
            context.Result = new ForbidResult();
        }
    }
}

public class OfficeAuthorizeAttribute : TypeFilterAttribute
{
    public OfficeAuthorizeAttribute(int input) : base(typeof(OfficeAuthorize))
    {
        Arguments = new object[] { input };
    }
}

Run Code Online (Sandbox Code Playgroud)

}

Answer 1

CSh*_*per 3

您可以AuthorizeView使用自定义组件来包装该组件。这是松散地基于框架代码的。

public class CustomAuthorizationView : AuthorizeView
{
    private AuthenticationState currentAuthenticationState;
    private bool isAuthorized;

    [Inject]
    private AuthenticationStateProvider AuthenticationStateProvider { get; set; }

    [CascadingParameter] 
    private Task<AuthenticationState> AuthenticationStateTask { get; set; }

    protected override void BuildRenderTree(RenderTreeBuilder builder)
    {
        if (currentAuthenticationState == null)
        {
            builder.AddContent(0, Authorizing);
        }
        else if (isAuthorized)
        {
            var authorizedContent = Authorized ?? ChildContent;
            builder.AddContent(1, authorizedContent?.Invoke(currentAuthenticationState));
        }
        else
        {
            builder.AddContent(2, NotAuthorized?.Invoke(currentAuthenticationState));
        }
    }

    protected override async Task OnParametersSetAsync()
    {           
        var user = (await authenticationStateProvider.GetAuthenticationStateAsync()).User;
        currentAuthenticationState = await AuthenticationStateTask;
        isAuthorized = //authorization logic
    }
}

Run Code Online (Sandbox Code Playgroud)

归档时间：	5 年，11 月前
查看次数：	5120 次
最近记录：	3 年，10 月前