基于策略的身份验证 asp.net 核心的 500 内部服务器错误

【问题标题】:500 Internal Server Error with Policy based authentication asp.net core基于策略的身份验证 asp.net 核心的 500 内部服务器错误
【发布时间】:2018-08-05 05:05:03
【问题描述】:

我正在尝试在 asp.net core 2.1 中进行基于策略的身份验证。由于依赖注入,我面临 500 内部服务器错误。无法弄清楚如何解决问题。

services.AddAuthorization(auth =>
            {
                auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
                    .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme‌​)
                    .RequireAuthenticatedUser().Build());

                auth.AddPolicy("canRead",
                               policy => policy.Requirements.Add(new PermissionRequirement(PermissionEnum.Read)));
                auth.AddPolicy("canCreate",
                               policy => policy.Requirements.Add(new PermissionRequirement(PermissionEnum.Write)));
                auth.AddPolicy("canUpdate",
                               policy => policy.Requirements.Add(new PermissionRequirement(PermissionEnum.Update)));
                auth.AddPolicy("canDelete",
                               policy => policy.Requirements.Add(new PermissionRequirement(PermissionEnum.Delete)));
            });
            services.AddSingleton<IAuthorizationHandler, PermissionHandler>();

这是权限检查代码

public class PermissionRequirement : IAuthorizationRequirement
    {
        public PermissionEnum _permission { get; }
        public PermissionRequirement(PermissionEnum permission)
        {
            _permission = permission;
        }
    }

    public class PermissionHandler : AuthorizationHandler<PermissionRequirement>
    {

        private readonly IAdminUOW permissionRepository;

        public PermissionHandler(IAdminUOW permissionRepository)
        {
            this.permissionRepository = permissionRepository;
        }

        protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
        {
            if (context.User == null)
            {
                // no user authorizedd. Alternatively call context.Fail() to ensure a failure 
                // as another handler for this requirement may succeed
                context.Fail();
            }
            bool hasPermission = await permissionRepository.CheckPermissionForUser(new Guid(context.User.ToString()), requirement._permission);
            if (hasPermission)
            {
                context.Succeed(requirement);
            }

        }

权限枚举

[Flags]
    public enum PermissionEnum
    {
        None = 0,
        Read = 0x001,
        Write = 0x010,
        Delete = 0x011,
        Update = 0x100,
        ReadWrite = Read | Write,
        FullControl = ReadWrite | Update | Delete
    }
}

错误是由services.AddSingleton&lt;IAuthorizationHandler, PermissionHandler&gt;();引起的,但不知道我做错了什么。

谁能告诉我如何解决这个问题。

参考资料 - https://stormpath.com/blog/tutorial-policy-based-authorization-asp-net-core

【问题讨论】:

  • 您的IAdminUOW 是否已在容器中注册?

标签: c# asp.net asp.net-mvc asp.net-core asp.net-core-mvc


【解决方案1】:

问题在于代码

替换下面的代码

services.AddSingleton<IAuthorizationHandler, PermissionHandler>();

下面的代码

services.AddTransient<IAuthorizationHandler, PermissionHandler>();

【讨论】:

  • 对我没有帮助。
猜你喜欢
  • 1970-01-01
  • 2017-09-13
  • 2018-02-20
  • 1970-01-01
  • 2019-05-28
  • 2020-10-23
  • 2021-08-22
  • 2019-03-24
  • 1970-01-01
相关资源
最近更新 更多
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode