{"id":21962417,"url":"https://github.com/megafetis/mediatr.requestauthorization","last_synced_at":"2025-07-23T18:05:40.141Z","repository":{"id":65458084,"uuid":"268120369","full_name":"megafetis/MediatR.RequestAuthorization","owner":"megafetis","description":"MediatR RequestAuthorization behaviour","archived":false,"fork":false,"pushed_at":"2025-04-10T11:27:57.000Z","size":67,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-06-14T16:54:27.631Z","etag":null,"topics":["authorization","mediatr","request","requestauthorization"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/megafetis.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-05-30T16:42:54.000Z","updated_at":"2025-04-10T11:28:01.000Z","dependencies_parsed_at":"2024-11-29T10:40:38.582Z","dependency_job_id":"cbbd5a37-2d42-44ea-beb3-069db866f4f8","html_url":"https://github.com/megafetis/MediatR.RequestAuthorization","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/megafetis/MediatR.RequestAuthorization","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/megafetis%2FMediatR.RequestAuthorization","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/megafetis%2FMediatR.RequestAuthorization/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/megafetis%2FMediatR.RequestAuthorization/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/megafetis%2FMediatR.RequestAuthorization/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/megafetis","download_url":"https://codeload.github.com/megafetis/MediatR.RequestAuthorization/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/megafetis%2FMediatR.RequestAuthorization/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266726616,"owners_count":23974927,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-23T02:00:09.312Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authorization","mediatr","request","requestauthorization"],"created_at":"2024-11-29T10:39:46.540Z","updated_at":"2025-07-23T18:05:40.126Z","avatar_url":"https://github.com/megafetis.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MediatR.RequestAuthorization\n\n[![NuGet](https://img.shields.io/nuget/dt/MediatR.RequestAuthorization.svg)](https://www.nuget.org/packages/MediatR.RequestAuthorization/) \n[![NuGet](https://img.shields.io/nuget/vpre/MediatR.RequestAuthorization.svg)](https://www.nuget.org/packages/MediatR.RequestAuthorization/)\n\nAuthorization rules for [MediatR](https://www.nuget.org/packages/MediatR). This library uses pipline behavior ``IPipelineBehavior\u003c,\u003e`` in mediator middleware.\n\n\n## Installing MediatR.RequestAuthorization\n\nYou should install [MediatR.RequestAuthorization with NuGet](https://www.nuget.org/packages/MediatR.RequestAuthorization):\n\n    Install-Package MediatR.RequestAuthorization\n    \nOr via the .NET Core command line interface:\n\n    dotnet add package MediatR.RequestAuthorization\n\n\n## Implement `IUserContext` and register it on DI container\n\nSimple implementation for aspnetcore:\n\n```cs\npublic class HttpUserContext : IUserContext\n{\n    public IHttpContextAccessor Http { get; }\n\n    public HttpUserContext(IHttpContextAccessor http)\n    {\n        Http = http;\n        User = http?.HttpContext?.User;\n    }\n\n    public virtual string? ExtraAttribute(string key)\n    {\n        return null;\n    }\n\n    public ClaimsPrincipal? User { get; }\n    public string? Id\n    {\n        get\n        {\n            if (User?.Identity != null \u0026\u0026 User.Identity.IsAuthenticated)\n            {\n                return User.Claims.FirstOrDefault(p =\u003e p.Type == ClaimTypes.NameIdentifier)?.Value ?? User.Claims.FirstOrDefault(p =\u003e p.Type == \"sub\")?.Value;\n            }\n\n            return null;\n        }\n    }\n    public string Name =\u003e User?.Identity.Name;\n    public bool IsAuthenticated =\u003e User?.Identity != null \u0026\u0026 User.Identity.IsAuthenticated;\n    public virtual string? ClaimValue(string claimType)\n    {\n        return User?.Claims?.FirstOrDefault(p =\u003e p.Type == claimType)?.Value;\n    }\n\n    public virtual bool HasClaim(string type, string value)\n    {\n        return User?.HasClaim(type, value) ?? false;\n    }\n\n    public virtual bool HasClaim(Predicate\u003cClaim\u003e match)\n    {\n        return User?.HasClaim(match) ?? false;\n    }\n}\n\n```\n\n## Add `IAuthorizationRule\u003cYourQueryOrCommand\u003e` to your DI container\n```cs\nservices.AddTrancient\u003cIAuthorizationRule\u003cYourQueryOrCommand\u003e,MySecurityRuleImplementation\u003e();\n\n```\n\n## Register behavior `IAuthorizationRule\u003cYourQueryOrCommand\u003e` to your DI container\n\n```cs\nservices.AddMediatR(cfg =\u003e\n{\n    cfg.RegisterServicesFromAssemblies(coreAsms); // all core handlers\n    cfg.AddOpenBehavior(typeof(RequestAuthorizationBehavior\u003c,\u003e)); // enable security\n\n});\n\n```\n\n##### Common usage (Example):\n\n\nDefine authorization rule for your IRequest impl class\n```cs \n//your IRequest class\npublic class GetProfileQuery:IRequest\u003cUserProfile\u003e\n{\n    \n}\n\n// your IAuthorizationRule class\nclass GetProfileQuerySecurityRule:IAuthorizationRule\u003cGetProfileQuery\u003e\n{\n    private readonly ISomeService _someService;\n\n    public GetProfileQuerySecurityRule(ISomeService someService)\n    {\n        _someService = someService;\n    }\n\n    public Task Authorize(TRequest request, IUserContext userContext, CancellationToken cancellationToken)\n    {\n        \n        if(userContext.IsAuthenticated)\n        {\n            return SecurltyResult.Ok();\n        }\n\n        return SecurityResult.AnonimousUser(request);\n\n    }\n}\n\n```\n\n``SecurityResult`` is a static helper class, that wraps throwing Exceptions\n\n``AccessDeniedException`` is  a helper Exception class. You may use your own exceptions.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmegafetis%2Fmediatr.requestauthorization","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmegafetis%2Fmediatr.requestauthorization","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmegafetis%2Fmediatr.requestauthorization/lists"}