Mediator.Behaviors.Authorization
2.0.0
dotnet add package Mediator.Behaviors.Authorization --version 2.0.0
NuGet\Install-Package Mediator.Behaviors.Authorization -Version 2.0.0
<PackageReference Include="Mediator.Behaviors.Authorization" Version="2.0.0" />
paket add Mediator.Behaviors.Authorization --version 2.0.0
#r "nuget: Mediator.Behaviors.Authorization, 2.0.0"
// Install Mediator.Behaviors.Authorization as a Cake Addin #addin nuget:?package=Mediator.Behaviors.Authorization&version=2.0.0 // Install Mediator.Behaviors.Authorization as a Cake Tool #tool nuget:?package=Mediator.Behaviors.Authorization&version=2.0.0
Mediator.Behaviors.Authorization
A simple request authorization package that allows you to build and run request specific authorization requirements before your request handler is called for Mediator.
This library is inspired on the MediatR.Behaviors.Authorization library for MediatR.
Installation
Using the .NET Core command-line interface (CLI) tools:
dotnet add package Mediator.Behaviors.Authorization
Using the NuGet Command Line Interface (CLI):
nuget install Mediator.Behaviors.Authorization
Using the Package Manager Console:
Install-Package Mediator.Behaviors.Authorization
From within Visual Studio:
- Open the Solution Explorer.
- Right-click on a project within your solution.
- Click on Manage NuGet Packages...
- Click on the Browse tab and search for "Mediator.Behaviors.Authorization".
- Click on the Mediator.Behaviors.Authorization package, select the latest version in the right-tab and click Install.
Getting Started
Dependency Injection
You will need to register the authorization pipeline along with all implementations of IAuthorizer
:
using Mediator.Behaviors.Authorization.Extensions.DependencyInjection;
public class Startup
{
//...
public void ConfigureServices(IServiceCollection services)
{
// Adds the transient pipeline behavior and additionally registers all `IAuthorizationHandlers` for a given assembly
services.AddMediatorAuthorization(Assembly.GetExecutingAssembly());
// Register all `IAuthorizer` implementations for a given assembly
services.AddAuthorizersFromAssembly(Assembly.GetExecutingAssembly())
}
}
You can use the helper method to register 'IAuthorizer' implementations from an assembly or manually inject them using Microsoft's DI methods.
Example Usage
Scenario: We need to get details about a specific video for a course on behalf of a user. However, this video course information is considered privileged information and we only want users with a subscription to that course to have access to the information about the video.
Creating an Authorization Requirement IAuthorizationRequirement
Location: ~/Application/Authorization/MustHaveCourseSubscriptionRequirement.cs
You can create custom, reusable authorization rules for your Mediator requests by implementing IAuthorizationRequirement
and IAuthorizationHandler<TAuthorizationRequirement>
:
public class MustHaveCourseSubscriptionRequirement : IAuthorizationRequirement
{
public string UserId { get; set; }
public int CourseId { get; set; }
class MustHaveCourseSubscriptionRequirementHandler : IAuthorizationHandler<MustHaveCourseSubscriptionRequirement>
{
private readonly IApplicationDbContext _applicationDbContext;
public MustHaveCourseSubscriptionRequirementHandler(IApplicationDbContext applicationDbContext)
{
_applicationDbContext = applicationDbContext;
}
public async Task<AuthorizationResult> Handle(MustHaveCourseSubscriptionRequirement request, CancellationToken cancellationToken)
{
var userId = request.UserId;
var userCourseSubscription = await _applicationDbContext.UserCourseSubscriptions
.FirstOrDefaultAsync(x => x.UserId == userId && x.CourseId == request.CourseId, cancellationToken);
if (userCourseSubscription != null)
return AuthorizationResult.Succeed();
return AuthorizationResult.Fail("You don't have a subscription to this course.");
}
}
}
In the preceding listing, you can see this is your standard Mediator Request/Request Handler usage; so you can treat the whole affair as you normally would. It is important to note you must return AuthorizationResult
You can fail two ways: AuthorizationResult.Fail()
or AuthorizationResult.Fail("your message here")
and you can pass using AuthorizationResult.Succeed()
Basic Mediator Request
Location: ~/Application/Courses/Queries/GetCourseVideoDetail/GetCourseVideoDetailQuery.cs
public class GetCourseVideoDetailQuery : IRequest<CourseVideoDetailVm>
{
public int CourseId { get; set; }
public int VideoId { get; set; }
class GetCourseVideoDetailQueryHandler : IRequestHandler<GetCourseVideoDetailQuery>
{
private readonly IApplicationDbContext _applicationDbContext;
public GetCourseVideoDetailQueryHandler(IApplicationDbContext applicationDbContext)
{
_applicationDbContext = applicationDbContext;
}
public async Task<CourseVideoDetailVm> Handle(GetCourseVideoDetailQuery request, CancellationToken cancellationToken)
{
var video = await _applicationDbContext.CourseVideos
.FirstOrDefaultAsync(x => x.CourseId == request.CourseId && x.VideoId == request.VideoId, cancellationToken);
return new CourseVideoDetailVm(video);
}
}
}
Creating the IAuthorizer
Location: ~/Application/Courses/Queries/GetCourseVideoDetail/GetCourseVideoDetailAuthorizer.cs
public class GetCourseVideoDetailAuthorizer : AbstractRequestAuthorizer<GetCourseVideoDetailQuery>
{
private readonly ICurrentUserService _currentUserService;
public GetCourseVideoDetailAuthorizer(ICurrentUserService currentUserService)
{
_currentUserService = currentUserService;
}
public override void BuildPolicy(GetCourseVideoDetailQuery request)
{
UseRequirement(new MustHaveCourseSubscriptionRequirement
{
CourseId = request.CourseId,
UserId = _currentUserService.UserId
});
}
}
The usage of AbstractRequestAuthorizer<TRequest>
will usually be preferable; this abstract class does a couple things for us. It takes care of initializing and adding new requirements to the Requirements
property through the UseRequirement(IAuthorizationRequirement)
, finally, it still forces the class extending it to implement the IAuthorizer.BuildPolicy()
method which is very important for passing the needed arguments to the authorization requirement that handles the authorization logic.
For any requests, bug or comments, please open an issue or submit a pull request.
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
.NET Core | netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
.NET Standard | netstandard2.1 is compatible. |
MonoAndroid | monoandroid was computed. |
MonoMac | monomac was computed. |
MonoTouch | monotouch was computed. |
Tizen | tizen60 was computed. |
Xamarin.iOS | xamarinios was computed. |
Xamarin.Mac | xamarinmac was computed. |
Xamarin.TVOS | xamarintvos was computed. |
Xamarin.WatchOS | xamarinwatchos was computed. |
-
.NETStandard 2.1
- Mediator.Abstractions (>= 2.0.30)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last updated |
---|---|---|
2.0.0 | 2,203 | 5/6/2023 |
Initial release