Merge pull request #13 from xaviersolau/main

fmichellonet · web-flow · commit da692d899214 · 2022-05-23T06:43:59.000+02:00
Add DefaultAuthorizationHandlerProvider in order to enable use of role-based authorization.
diff --git a/src/AzureFunctions.Extensions.OpenIDConnect.Tests/AuthorizationServiceShould.cs b/src/AzureFunctions.Extensions.OpenIDConnect.Tests/AuthorizationServiceShould.cs
@@ -24,8 +24,9 @@ public async Task ApplyPolicyRequirements(string claimType, string claimValue, s
             // Arrange
             var policyName = "my policy";
             var localeClaim = new Claim(claimType, claimValue);
-             
-            var collection = ServiceCollectionFixture.MinimalAzFunctionsServices();
+
+            var collection = ServiceCollectionFixture.MinimalAzFunctionsServices()
+                            .WithClaimsAuthorizationHandler(claimType, new[] { claimRequiredValue });
 
             collection.AddOpenIDConnect(builder =>
             {
diff --git a/src/AzureFunctions.Extensions.OpenIDConnect.Tests/ServiceCollectionFixture.cs b/src/AzureFunctions.Extensions.OpenIDConnect.Tests/ServiceCollectionFixture.cs
@@ -1,8 +1,10 @@
 ﻿using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Authorization.Infrastructure;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using NSubstitute;
+using System.Collections.Generic;
 
 namespace AzureFunctions.Extensions.OpenIDConnect.Tests
 {
@@ -24,5 +26,11 @@ public static ServiceCollection MinimalAzFunctionsServices(ServiceCollection col
 
             return collection;
         }
+
+        public static ServiceCollection WithClaimsAuthorizationHandler(this ServiceCollection collection, string claimType, IEnumerable<string> allowedValues)
+        {
+            collection.AddSingleton<IAuthorizationHandler>(new ClaimsAuthorizationRequirement(claimType, allowedValues));
+            return collection;
+        }
     }
 }
diff --git a/src/AzureFunctions.Extensions.OpenIDConnect/Configuration/ServicesConfigurationExtensions.cs b/src/AzureFunctions.Extensions.OpenIDConnect/Configuration/ServicesConfigurationExtensions.cs
@@ -50,6 +50,7 @@ public static void AddOpenIDConnect(this IServiceCollection services, Action<Con
             services.AddSingleton<IFunctionFilter, AuthorizeFilter>();
             services.AddSingleton<IAuthorizationService, DefaultAuthorizationService>();
             services.AddSingleton<IAuthorizationPolicyProvider, DefaultAuthorizationPolicyProvider>();
+            services.AddSingleton<IAuthorizationHandlerProvider, DefaultAuthorizationHandlerProvider>();
         }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -1,8 +1,10 @@`
`1`	`1`	`using Microsoft.AspNetCore.Authorization;`
	`2`	`+using Microsoft.AspNetCore.Authorization.Infrastructure;`
`2`	`3`	`using Microsoft.Extensions.DependencyInjection;`
`3`	`4`	`using Microsoft.Extensions.Logging;`
`4`	`5`	`using Microsoft.Extensions.Options;`
`5`	`6`	`using NSubstitute;`
	`7`	`+using System.Collections.Generic;`
`6`	`8`
`7`	`9`	`namespace AzureFunctions.Extensions.OpenIDConnect.Tests`
`8`	`10`	`{`
`@@ -24,5 +26,11 @@ public static ServiceCollection MinimalAzFunctionsServices(ServiceCollection col`
`24`	`26`
`25`	`27`	`return collection;`
`26`	`28`	`}`
	`29`	`+`
	`30`	`+ public static ServiceCollection WithClaimsAuthorizationHandler(this ServiceCollection collection, string claimType, IEnumerable<string> allowedValues)`
	`31`	`+ {`
	`32`	`+ collection.AddSingleton<IAuthorizationHandler>(new ClaimsAuthorizationRequirement(claimType, allowedValues));`
	`33`	`+ return collection;`
	`34`	`+ }`
`27`	`35`	`}`
`28`	`36`	`}`
Original file line number	Diff line number	Diff line change
`@@ -50,6 +50,7 @@ public static void AddOpenIDConnect(this IServiceCollection services, Action<Con`
`50`	`50`	`services.AddSingleton<IFunctionFilter, AuthorizeFilter>();`
`51`	`51`	`services.AddSingleton<IAuthorizationService, DefaultAuthorizationService>();`
`52`	`52`	`services.AddSingleton<IAuthorizationPolicyProvider, DefaultAuthorizationPolicyProvider>();`
	`53`	`+ services.AddSingleton<IAuthorizationHandlerProvider, DefaultAuthorizationHandlerProvider>();`
`53`	`54`	`}`
`54`	`55`	`}`
`55`	`56`	`}`