Saturday, September 7, 2019

Claim type and claim value in claims policy based authorization in asp.net core

We will discuss using both the claim type and claim value in policy based authorization in asp.net core mvc.

Consider the following Authorization policy. To satisfy this policy the loggedin user must have Edit Role claim. At the moment we are not checking for any value.


services.AddAuthorization(options =>
{
    options.AddPolicy("EditRolePolicy",
        policy => policy.RequireClaim("Edit Role"));
});

Most claims come with a value. To satisfy this policy the loggedin user must have Edit Role claim with a value of true.

services.AddAuthorization(options =>
{
    options.AddPolicy("EditRolePolicy",
        policy => policy.RequireClaim("Edit Role""true"));
});

A list of allowed values can also be specified. To satisfy the following policy the loggedin user must have Country claim with a value of USA, India, or UK

services.AddAuthorization(options =>
{
    options.AddPolicy("AllowedCountryPolicy",
        policy => policy.RequireClaim("Country""USA", "India", "UK"));
});

ClaimType comparison is case in-sensitive where as ClaimValue comparison is case sensitive.

No comments:

Post a Comment

How to register multiple implementations of the same interface in Asp.Net Core?

 Problem: I have services that are derived from the same interface. public interface IService { } public class ServiceA : IService { ...