Community
Learn
Tools Library
AI Tools
Leisure
search
English
Home > Backend Development > C++ > How to Implement Custom Authorization in ASP.NET Core Using Claims?

How to Implement Custom Authorization in ASP.NET Core Using Claims?

Mary-Kate Olsen
Release: 2025-02-01 18:16:10
Original
336 people have browsed it

How to Implement Custom Authorization in ASP.NET Core Using Claims?

Use a statement in ASP.NET CORE to achieve customized authorization attributes

Background

ASP.NET CORE

provides a convenient way to operate based on declaration. However, in the previous version, you can rewrite

to achieve customized authorization logic. This method no longer exists in AuthorizeAttribute. bool AuthorizeCore(HttpContextBase httpContext) AuthorizeAttribute The current method of using strategy

ASP.NET CORE team recommends using strategies for customized authorization. The following is the process:

Define strategy in :

  1. Startup.cs

    Add attribute to your operation or controller: 
     options.AddPolicy("YourPolicyName", policy => policy.RequireClaim(...));
    Copy after login

  2. [Authorize] Using the customized authorization attributes of the statement 

     [Authorize(Policy = "YourPolicyName")]
 public IActionResult Action(...)
    Copy after login
    If the strategy -based method is not applicable, you can use the
    3. interface to create a custom
:

How to use examples: IAuthorizationFilter AuthorizeAttribute

By implementing the 
public class ClaimRequirementAttribute : TypeFilterAttribute
{
    public ClaimRequirementAttribute(string claimType, string claimValue) : base(typeof(ClaimRequirementFilter))
    {
        Arguments = new object[] { new Claim(claimType, claimValue) };
    }
}

public class ClaimRequirementFilter : IAuthorizationFilter
{
    private readonly Claim _claim;

    public ClaimRequirementFilter(Claim claim)
    {
        _claim = claim;
    }

    public void OnAuthorization(AuthorizationFilterContext context)
    {
        bool hasClaim = context.HttpContext.User.Claims.Any(c => c.Type == _claim.Type && c.Value == _claim.Value);
        if (!hasClaim)
        {
            context.Result = new ForbidResult();
        }
    }
}
Copy after login
method in your filter, you can specify the authorization logic according to the statement.

The above is the detailed content of How to Implement Custom Authorization in ASP.NET Core Using Claims?. For more information, please follow other related articles on the PHP Chinese website!

Previous article:How to Create Custom Authorization Attributes in ASP.NET Core? Next article:How to Create a Custom AuthorizeAttribute in ASP.NET Core for Simple Claim Requirements?
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
function_exists() cannot determine the custom function Function test () {return true;} if (function_exists ('test')) {echo "test is function...
From 2024-04-29 11:01:01
0
3
2686
How to display the mobile version of Google Chrome Hello teacher, how can I change Google Chrome into a mobile version?
From 2024-04-23 00:22:19
0
11
2819
The child window operates the parent window, but the output does not respond. The first two sentences are executable, but the last sentence cannot be implemented.
From 2024-04-19 15:37:47
0
1
2379
There is no output in the parent window document.onclick = function(){ window.opener.document.write('I am the output of the child ...
From 2024-04-18 23:52:34
0
1
2248
Where is the courseware about CSS mind mapping? Courseware
From 2024-04-16 10:10:18
0
0
2344
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template