Skip to content
All gists
Back to GitHub
Sign in
Sign up
Sign in
Sign up
{{ message }}
Instantly share code, notes, and snippets.
deepumi
/
BearerAuthorizeFilter.cs
Created
May 24, 2020
Star
0
Fork
0
Star
Code
Revisions
1
Embed
What would you like to do?
Embed
Embed this gist in your website.
Share
Copy sharable link for this gist.
Clone via HTTPS
Clone with Git or checkout with SVN using the repository’s web address.
Learn more about clone URLs
Download ZIP
Custom bearer authorize filter for ASP.NET Core 5.0
Raw
BearerAuthorizeFilter.cs
public
sealed
class
BearerAuthorizeFilter
:
IAsyncAuthorizationFilter
{
public
async
Task
OnAuthorizationAsync
(
AuthorizationFilterContext
context
)
{
if
(
context
?
.
HttpContext
?
.
Request
?
.
Headers
==
null
)
throw
new
ArgumentNullException
(
nameof
(
context
));
if
(
!
context
.
HttpContext
.
Request
.
Headers
.
ContainsKey
(
"
Authorization
"
))
context
.
Result
=
CreateUnauthorized
();
var
policyEvaluator
=
context
.
HttpContext
.
RequestServices
.
GetRequiredService
<
IPolicyEvaluator
>();
var
authenticateResult
=
await
policyEvaluator
.
AuthenticateAsync
(
default
,
context
.
HttpContext
);
var
authorizeResult
=
await
policyEvaluator
.
AuthorizeAsync
(
default
,
authenticateResult
,
context
.
HttpContext
,
context
);
if
(
authorizeResult
.
Challenged
)
{
context
.
Result
=
CreateUnauthorized
();
return
;
}
context
.
HttpContext
.
User
=
authenticateResult
.
Principal
;
static
IActionResult
CreateUnauthorized
()
=>
new
UnauthorizedObjectResult
(
new
ErrorMessage
(
"
Unauthorized
"
,
401
));
}
}
Sign up for free
to join this conversation on GitHub
. Already have an account?
Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window.
Reload
to refresh your session.
You signed out in another tab or window.
Reload
to refresh your session.