Custom Authorization Handler Sample
// Minimal host wiring for the sample: JWT bearer authentication plus a custom
// IAuthorizationHandler that decides the default policy for every endpoint.
var builder = WebApplication.CreateBuilder();
builder.Services.AddTransient<IAuthorizationHandler, TestHandler>(); //Register your handler (evaluated for OperationAuthorizationRequirement, see TestHandler below)
builder.Services.AddFastEndpoints();
// Placeholder symmetric signing key. TokenEndpoint must use the exact same literal
// for issued tokens to validate here. In real code load it from configuration or a
// secret store rather than committing it to source.
builder.Services.AddJWTBearerAuth("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
builder.Services.AddAuthorization(o =>
{
    //Set the default policy to use your requirements (so you don't have to set the policy on each endpoint)
    // A request passes only if the user is authenticated AND a registered handler
    // (TestHandler) calls Succeed for the OperationAuthorizationRequirement.
    o.DefaultPolicy = new AuthorizationPolicyBuilder()
        .RequireAuthenticatedUser()
        .AddRequirements(new OperationAuthorizationRequirement()) //Using built-in requirement for testing here (no Name set; used purely as a marker)
        .Build();
    //Or if you don't mind setting the policy on each endpoint.
    //o.AddPolicy("MyPolicy", b => b.RequireAuthenticatedUser().AddRequirements(new OperationAuthorizationRequirement()).Build());
});
builder.Services.SwaggerDocument();
var app = builder.Build();
// Middleware order matters: authentication must populate the user before the
// authorization middleware evaluates the default policy against it.
app.UseAuthentication();
app.UseAuthorization();
app.UseFastEndpoints();
app.UseSwaggerGen();
app.Run();
/// <summary>
/// Authorization handler for <see cref="OperationAuthorizationRequirement"/> that grants
/// access only to a principal carrying the claim UserId = "12345".
/// </summary>
/// <remarks>
/// Only <c>Succeed</c> is ever called; when the claim is absent the requirement is simply
/// left unmet rather than explicitly failed.
/// NOTE(review): TokenEndpoint in this sample issues UserId = "001", so tokens minted by
/// /token are rejected by this handler — confirm the mismatch is intended.
/// </remarks>
public class TestHandler : AuthorizationHandler<OperationAuthorizationRequirement>
{
    /// <param name="context">Carries the authenticated user whose claims are inspected.</param>
    /// <param name="requirement">The requirement marked as satisfied when the claim matches.</param>
    /// <returns>A completed task; the decision is recorded on <paramref name="context"/>.</returns>
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, OperationAuthorizationRequirement requirement)
    {
        var isPermittedUser = context.User.HasClaim("UserId", "12345");

        if (!isPermittedUser)
        {
            return Task.CompletedTask;
        }

        context.Succeed(requirement);
        return Task.CompletedTask;
    }
}
/// <summary>
/// GET /token — anonymously issues a JWT carrying the claim UserId = "001".
/// </summary>
/// <remarks>
/// Sample-only behaviour: no credentials are checked before a token is minted, and no
/// expiry is passed, so the library default presumably applies — confirm before reuse.
/// The signing key literal must match the one passed to AddJWTBearerAuth.
/// </remarks>
public class TokenEndpoint : EndpointWithoutRequest
{
    /// <summary>Registers the route and opts out of the default authorization policy.</summary>
    public override void Configure()
    {
        Get("/token");
        AllowAnonymous();
    }

    /// <summary>Builds the token and writes it as the response body.</summary>
    /// <param name="ct">Request cancellation token (not forwarded by this sample).</param>
    public override async Task HandleAsync(CancellationToken ct)
    {
        var jwt = JWTBearer.CreateToken(
            signingKey: "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
            claims: ("UserId", "001"));

        await SendAsync(jwt);
    }
}
/// <summary>
/// GET /protected — reachable only when the default authorization policy
/// (authenticated user + TestHandler's claim check) is satisfied.
/// </summary>
public class ProtectedEndpoint : EndpointWithoutRequest
{
    /// <summary>Registers the route; relies on the default policy configured at startup.</summary>
    public override void Configure()
    {
        Get("/protected");
        //Policies("MyPolicy"); //If not setting DefaultPolicy, you need to uncomment this
    }

    /// <summary>Returns a plain-text confirmation to the authorized caller.</summary>
    /// <param name="ct">Request cancellation token (not forwarded by this sample).</param>
    public override async Task HandleAsync(CancellationToken ct)
        => await SendStringAsync("ok! you have permission to see this...");
}