We will discuss using both the claim type and claim value in policy based authorization in asp.net core mvc.
Consider the following Authorization policy. To satisfy this policy the loggedin user must have Edit Role claim. At the moment we are not checking for any value.
services.AddAuthorization(options =>
{
options.AddPolicy("EditRolePolicy",
policy => policy.RequireClaim("Edit Role"));
});
Most claims come with a value. To satisfy this policy the loggedin user must have Edit Role claim with a value of true.
A list of allowed values can also be specified. To satisfy the following policy the loggedin user must have Country claim with a value of USA, India, or UK
ClaimType comparison is case in-sensitive where as ClaimValue comparison is case sensitive.
Consider the following Authorization policy. To satisfy this policy the loggedin user must have Edit Role claim. At the moment we are not checking for any value.
services.AddAuthorization(options =>
{
options.AddPolicy("EditRolePolicy",
policy => policy.RequireClaim("Edit Role"));
});
Most claims come with a value. To satisfy this policy the loggedin user must have Edit Role claim with a value of true.
services.AddAuthorization(options =>
{
options.AddPolicy("EditRolePolicy",
policy => policy.RequireClaim("Edit Role", "true"));
});
{
options.AddPolicy("EditRolePolicy",
policy => policy.RequireClaim("Edit Role", "true"));
});
A list of allowed values can also be specified. To satisfy the following policy the loggedin user must have Country claim with a value of USA, India, or UK
services.AddAuthorization(options =>
{
options.AddPolicy("AllowedCountryPolicy",
policy => policy.RequireClaim("Country", "USA", "India", "UK"));
});
{
options.AddPolicy("AllowedCountryPolicy",
policy => policy.RequireClaim("Country", "USA", "India", "UK"));
});
ClaimType comparison is case in-sensitive where as ClaimValue comparison is case sensitive.
No comments:
Post a Comment