C
C#3y ago
Poller

Minimal Api Attributes

The testcode in my screenshot doesnt call the IAuthorizationFilter implementing attribute on my method head. when i use a inline delegate in programm.cs i loose DI(afaik). i am sure there is a correct way, but for minimal apis i cant find it. Some tipps? ps: in a controller api all works fina as expected.
17 Replies
Unknown User
Unknown User3y ago
Message Not Public
Sign In & Join Server To View
Pobiega
Pobiega3y ago
Also, minimal API doesn't support actionfilters. In .net 7 they support a new type of filter
Unknown User
Unknown User3y ago
Message Not Public
Sign In & Join Server To View
Poller
PollerOP3y ago
its a custom attribute. and i know we all should use MS Identity, but this is a test and i do not see it usefull all the time. but this is another topic so is IAuthorizationFilter the 1% or would you do stuff like this in middleware?
Pobiega
Pobiega3y ago
Authorize isnt a filter iirc, its actually a flag for the middleware to kick in
Unknown User
Unknown User3y ago
Message Not Public
Sign In & Join Server To View
Poller
PollerOP3y ago
gimme 20 minutes ill be right back it just cheks on controllers/routes: - is a custom allowanonymous attribute set - is the user attatched to the context and are a few user criteria met(locked, permissions(also attributes on routes)) but as it seems, @Pobiega pointed out that it seems not working yet. so i wait till net7 to play around with this a bit more.
Unknown User
Unknown User3y ago
Message Not Public
Sign In & Join Server To View
Poller
PollerOP3y ago
dont get hung up on the authorize and best pacteces. this is just some tester project to play with stuff. i might take a look into another approach without attributes. (thinking, for permissions i dont want to go without((
Unknown User
Unknown User3y ago
Message Not Public
Sign In & Join Server To View
MODiX
MODiX3y ago
tebeco#0205
alternative: 
app.MapGet("/auth", () => "This endpoint requires authorization")
   .RequireAuthorization();
app.MapGet("/auth", () => "This endpoint requires authorization")
   .RequireAuthorization();
Quoted by
<@!689473681302224947> from #Minimal Api Attributes (click here)
React with ❌ to remove this embed.
Unknown User
Unknown User3y ago
Message Not Public
Sign In & Join Server To View
MODiX
MODiX3y ago
tebeco#0205
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using WebRPauth.Data;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthorization(o => o.AddPolicy("AdminsOnly", 
                                  b => b.RequireClaim("admin", "true")));

var connectionString = builder.Configuration.GetConnectionString("DefaultConnection");
builder.Services.AddDbContext<ApplicationDbContext>(options =>
    options.UseSqlServer(connectionString));
builder.Services.AddDatabaseDeveloperPageExceptionFilter();

builder.Services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
    .AddEntityFrameworkStores<ApplicationDbContext>();

var app = builder.Build();

app.UseAuthorization();

app.MapGet("/auth", [Authorize] () => "This endpoint requires authorization.");
app.MapGet("/", () => "This endpoint doesn't require authorization.");
app.MapGet("/Identity/Account/Login", () => "Sign in page at this endpoint.");

app.Run();
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using WebRPauth.Data;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthorization(o => o.AddPolicy("AdminsOnly", 
                                  b => b.RequireClaim("admin", "true")));

var connectionString = builder.Configuration.GetConnectionString("DefaultConnection");
builder.Services.AddDbContext<ApplicationDbContext>(options =>
    options.UseSqlServer(connectionString));
builder.Services.AddDatabaseDeveloperPageExceptionFilter();

builder.Services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
    .AddEntityFrameworkStores<ApplicationDbContext>();

var app = builder.Build();

app.UseAuthorization();

app.MapGet("/auth", [Authorize] () => "This endpoint requires authorization.");
app.MapGet("/", () => "This endpoint doesn't require authorization.");
app.MapGet("/Identity/Account/Login", () => "Sign in page at this endpoint.");

app.Run();
Quoted by
<@!689473681302224947> from #Minimal Api Attributes (click here)
React with ❌ to remove this embed.
Unknown User
Unknown User3y ago
Message Not Public
Sign In & Join Server To View
MODiX
MODiX3y ago
tebeco#0205
or "docs aspnetcore resource based authorization"
Quoted by
<@!689473681302224947> from #Minimal Api Attributes (click here)
React with ❌ to remove this embed.
Unknown User
Unknown User3y ago
Message Not Public
Sign In & Join Server To View
Poller
PollerOP3y ago
resource based authorization looks interesting. its on my list for next weekend 🙂

Did you find this page helpful?