-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathProgram.cs
68 lines (55 loc) · 2.11 KB
/
Program.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.Resource;
using Shared.Extensions;
using Shared.Services;
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApi(builder.Configuration.GetSection("AzureAd"));
builder.Services.AddAuthorization(options =>
{
// Declare the needed authorization policies here
// More info: https://learn.microsoft.com/aspnet/core/security/authorization/policies
options.AddPolicy("RequireAccessToSecret", policy => policy.RequireRole("AccessToSecret"));
});
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
// Add your implementation of IAuthorizationService to the container instead of DummyAuthorizationService
builder.Services.AddScoped<IAuthorizationService, DummyAuthorizationService>();
var app = builder.Build();
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseAuthentication();
// Use the UseInjectedRoles middleware to inject roles for the current user into the HttpContext
app.UseInjectedRoles();
app.UseAuthorization();
var summaries = new[]
{
"Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
};
app.MapGet("/weatherforecast", (HttpContext httpContext) =>
{
var forecast = Enumerable.Range(1, 5).Select(index =>
new WeatherForecast
(
DateTime.Now.AddDays(index),
Random.Shared.Next(-20, 55),
summaries[Random.Shared.Next(summaries.Length)]
))
.ToArray();
return forecast;
})
.WithName("GetWeatherForecast")
// This action is only accessible if all the requirements of "RequireAccessToSecret" policy are met
// Apply your required policies here
.RequireAuthorization(new[] { "RequireAccessToSecret" });
app.Run();
record WeatherForecast(DateTime Date, int TemperatureC, string? Summary)
{
public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);
}