https://github.com/megafetis/mediatr.requestauthorization
MediatR RequestAuthorization behaviour
- Host: GitHub
- URL: https://github.com/megafetis/mediatr.requestauthorization
- Owner: megafetis
- License: apache-2.0
- Created: 2020-05-30T16:42:54.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2025-04-10T11:27:57.000Z (about 1 year ago)
- Last Synced: 2025-06-14T16:54:27.631Z (about 1 year ago)
- Topics: authorization, mediatr, request, requestauthorization
- Language: C#
- Homepage:
- Size: 65.4 KB
- Stars: 3
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE.txt
README
# MediatR.RequestAuthorization
Authorization rules for [MediatR](https://www.nuget.org/packages/MediatR). This library uses the pipeline behavior ``IPipelineBehavior<,>`` in the mediator middleware.
## Installing MediatR.RequestAuthorization
You should install [MediatR.RequestAuthorization with NuGet](https://www.nuget.org/packages/MediatR.RequestAuthorization):

```
Install-Package MediatR.RequestAuthorization
```

Or via the .NET Core command line interface:

```
dotnet add package MediatR.RequestAuthorization
```
## Implement `IUserContext` and register it in the DI container
A simple implementation for ASP.NET Core:
```cs
using System;
using System.Linq;
using System.Security.Claims;
using Microsoft.AspNetCore.Http;
// plus the namespace that declares IUserContext

public class HttpUserContext : IUserContext
{
    public IHttpContextAccessor Http { get; }

    // User is read once at construction; register this class with a scoped
    // lifetime so each request gets its own instance.
    public HttpUserContext(IHttpContextAccessor http)
    {
        Http = http;
        User = http?.HttpContext?.User;
    }

    public virtual string? ExtraAttribute(string key)
    {
        return null;
    }

    public ClaimsPrincipal? User { get; }

    // Subject identifier: NameIdentifier claim first, then the JWT "sub" claim.
    public string? Id
    {
        get
        {
            if (User?.Identity != null && User.Identity.IsAuthenticated)
            {
                return User.Claims.FirstOrDefault(p => p.Type == ClaimTypes.NameIdentifier)?.Value
                    ?? User.Claims.FirstOrDefault(p => p.Type == "sub")?.Value;
            }
            return null;
        }
    }

    // Identity can be null for an empty principal, so guard it as well.
    public string Name => User?.Identity?.Name;

    public bool IsAuthenticated => User?.Identity != null && User.Identity.IsAuthenticated;

    public virtual string? ClaimValue(string claimType)
    {
        return User?.Claims?.FirstOrDefault(p => p.Type == claimType)?.Value;
    }

    public virtual bool HasClaim(string type, string value)
    {
        return User?.HasClaim(type, value) ?? false;
    }

    public virtual bool HasClaim(Predicate<Claim> match)
    {
        return User?.HasClaim(match) ?? false;
    }
}
```
## Add `IAuthorizationRule` to your DI container
```cs
// MyRequest is a placeholder for the request type the rule guards
services.AddTransient<IAuthorizationRule<MyRequest>, MySecurityRuleImplementation>();
```
## Register the `RequestAuthorizationBehavior<,>` behavior in your DI container
```cs
services.AddMediatR(cfg =>
{
    cfg.RegisterServicesFromAssemblies(coreAsms); // all core handlers
    cfg.AddOpenBehavior(typeof(RequestAuthorizationBehavior<,>)); // enable security
});
```
##### Common usage (Example):
Define an authorization rule for your `IRequest` implementation class:
```cs
// your IRequest class
public class GetProfileQuery : IRequest
{
}

// your IAuthorizationRule class (the generic argument is the request type it guards)
class GetProfileQuerySecurityRule : IAuthorizationRule<GetProfileQuery>
{
    private readonly ISomeService _someService;

    public GetProfileQuerySecurityRule(ISomeService someService)
    {
        _someService = someService;
    }

    public Task Authorize(GetProfileQuery request, IUserContext userContext, CancellationToken cancellationToken)
    {
        // authenticated callers pass; anonymous callers are rejected
        if (userContext.IsAuthenticated)
        {
            return SecurityResult.Ok();
        }
        return SecurityResult.AnonimousUser(request);
    }
}
```
``SecurityResult`` is a static helper class that wraps throwing exceptions.

``AccessDeniedException`` is a helper exception class. You may use your own exceptions.
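
Rules are registered one request type at a time in the steps above, so a request type can end up with no rule at all. The following startup check is an added example, not part of the library or its README; it lists request types that have no `IAuthorizationRule<TRequest>` registration. It assumes the interface takes the request type as its single generic argument and lives in the `MediatR.RequestAuthorization` namespace; `AuthorizationRuleCoverage` and `RequestsWithoutRule` are hypothetical names.

```cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using MediatR;
using MediatR.RequestAuthorization; // assumed namespace of IAuthorizationRule<>
using Microsoft.Extensions.DependencyInjection;

// Hypothetical helper, not part of the library.
public static class AuthorizationRuleCoverage
{
    // Returns the concrete MediatR request types found in the given assemblies
    // that have no IAuthorizationRule<TRequest> registration in the collection.
    public static IReadOnlyList<Type> RequestsWithoutRule(
        IServiceCollection services, params Assembly[] assemblies)
    {
        // Request types that have at least one closed rule registration.
        var covered = new HashSet<Type>(
            services
                .Select(d => d.ServiceType)
                .Where(t => t.IsGenericType && !t.IsGenericTypeDefinition
                            && t.GetGenericTypeDefinition() == typeof(IAuthorizationRule<>))
                .Select(t => t.GetGenericArguments()[0]));

        return assemblies
            .SelectMany(a => a.GetTypes())
            // IBaseRequest is the common base of IRequest and IRequest<TResponse>.
            .Where(t => t.IsClass && !t.IsAbstract && typeof(IBaseRequest).IsAssignableFrom(t))
            .Where(t => !covered.Contains(t))
            .OrderBy(t => t.FullName, StringComparer.Ordinal)
            .ToList();
    }
}

// Usage after all registrations (coreAsms as in the AddMediatR call above):
//   var missing = AuthorizationRuleCoverage.RequestsWithoutRule(services, coreAsms);
//   if (missing.Count > 0)
//       throw new InvalidOperationException(
//           "No authorization rule for: " + string.Join(", ", missing.Select(t => t.FullName)));
```

The match is on the exact request type, so a rule registered for a base class or interface does not count as coverage here.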