
@BertCraven
Created March 27, 2011 16:01
namespace AzureClaimsAuthenticator
{
using System.Linq;
using OpenRasta.Authentication;
using OpenRasta.DI;
using OpenRasta.OperationModel.Interceptors;
using OpenRasta.Web;
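/// <summary>
/// Operation interceptor that refuses to run an operation marked with
/// <see cref="RequiresClaimsAttribute"/> unless the current user passes the
/// claim check, and sets an Unauthorized result when it refuses.
/// </summary>
public class ClaimsAuthorizingInterceptor : OperationInterceptor
{
    readonly IDependencyResolver resolver;

    /// <summary>Creates the interceptor.</summary>
    /// <param name="resolver">Resolver used to obtain the current <see cref="ICommunicationContext"/>.</param>
    public ClaimsAuthorizingInterceptor(IDependencyResolver resolver)
    {
        this.resolver = resolver;
    }

    /// <summary>
    /// Runs before the operation executes. If the operation carries a
    /// <see cref="RequiresClaimsAttribute"/>, the current user must satisfy it.
    /// </summary>
    /// <param name="operation">The operation about to be executed.</param>
    /// <returns>
    /// <c>false</c> (after setting an Unauthorized operation result) when the claim
    /// check fails; otherwise the result of the base implementation.
    /// </returns>
    public override bool BeforeExecute(OpenRasta.OperationModel.IOperation operation)
    {
        var attribute = operation.FindAttribute<RequiresClaimsAttribute>();
        if (attribute != null)
        {
            var context = resolver.Resolve<ICommunicationContext>();

            // Check the attribute found on THIS operation. The previous code looked the
            // attribute up again on the first pipeline operation, so a protected operation
            // was allowed whenever that first operation was a different, unannotated one.
            if (!CheckAccess(context, attribute))
            {
                context.OperationResult = new OperationResult.Unauthorized();
                return false;
            }
        }

        return base.BeforeExecute(operation);
    }

    /// <summary>
    /// Checks the current user against the <see cref="RequiresClaimsAttribute"/> of the
    /// first operation in the pipeline data. Kept for existing callers;
    /// <see cref="BeforeExecute"/> uses the two-argument overload instead.
    /// </summary>
    /// <param name="context">The current communication context.</param>
    /// <returns>
    /// <c>true</c> when the first operation has no claim requirement or the user meets it;
    /// <c>false</c> when the pipeline holds no operation or the user does not meet it.
    /// </returns>
    protected static bool CheckAccess(ICommunicationContext context)
    {
        var method = context.PipelineData.Operations.FirstOrDefault();
        if (method == null)
        {
            // No operation to inspect: the requirement cannot be determined, so deny
            // rather than throw on an empty list or silently allow.
            return false;
        }

        var attribute = method.FindAttribute<RequiresClaimsAttribute>();
        if (attribute == null)
        {
            return true;
        }

        return CheckAccess(context, attribute);
    }

    /// <summary>
    /// Checks whether the current user is in the role named "ClaimType:ClaimValue"
    /// built from <paramref name="attribute"/>.
    /// </summary>
    /// <param name="context">The current communication context.</param>
    /// <param name="attribute">The claim requirement to enforce.</param>
    /// <returns><c>true</c> when the user is in that role; <c>false</c> otherwise, including when there is no user.</returns>
    protected static bool CheckAccess(ICommunicationContext context, RequiresClaimsAttribute attribute)
    {
        var user = context.User;
        if (user == null)
        {
            // No principal on the request: deny instead of failing with a null reference.
            return false;
        }

        // NOTE(review): the "type:value" role string presumably has to match how the
        // principal in use maps claims to roles; confirm against that implementation.
        return user.IsInRole(string.Format("{0}:{1}", attribute.ClaimType, attribute.ClaimValue));
    }
}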
}