From 696322f6a531fbefeb62e0514793c522514017b5 Mon Sep 17 00:00:00 2001 From: Radoslaw Wojtkiewicz Date: Fri, 18 Oct 2024 11:57:38 +0200 Subject: [PATCH 1/3] add registration for auth interceptor --- .../Interceptors/AuthorizationInterceptor.cs | 10 ++++++++++ .../Stateflows.Transport.Http/DependencyInjection.cs | 8 ++++++++ 2 files changed, 18 insertions(+) create mode 100644 Core/Stateflows/StateMachines/Interceptors/AuthorizationInterceptor.cs diff --git a/Core/Stateflows/StateMachines/Interceptors/AuthorizationInterceptor.cs b/Core/Stateflows/StateMachines/Interceptors/AuthorizationInterceptor.cs new file mode 100644 index 00000000..f916687b --- /dev/null +++ b/Core/Stateflows/StateMachines/Interceptors/AuthorizationInterceptor.cs @@ -0,0 +1,10 @@ +using System; +using System.Collections.Generic; +using System.Text; + +namespace Stateflows.StateMachines.Interceptors +{ + internal class AuthorizationInterceptor + { + } +} diff --git a/Transport/Stateflows.Transport.Http/DependencyInjection.cs b/Transport/Stateflows.Transport.Http/DependencyInjection.cs index dc99bbe8..dd9331ce 100644 --- a/Transport/Stateflows.Transport.Http/DependencyInjection.cs +++ b/Transport/Stateflows.Transport.Http/DependencyInjection.cs @@ -8,6 +8,8 @@ using Stateflows.Common.Interfaces; using Stateflows.Common.Extensions; using Stateflows.Common.Transport.Classes; +using Stateflows.Common.Registration.Interfaces; +using Stateflows.StateMachines.Interceptors; namespace Stateflows.Transport.Http { @@ -77,5 +79,11 @@ INotificationsHub hub return builder; } + + public static IStateflowsBuilder AddAspAuthorization(this IStateflowsBuilder stateflowsBuilder) + { + stateflowsBuilder.AddInterceptor(); + return stateflowsBuilder; + } } } From 8fea3b17b9f9e323ef8cf247ca168fbbb9e415d9 Mon Sep 17 00:00:00 2001 
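Review bot: `AddAspAuthorization` is a public extension whose name promises authorization, but the `AuthorizationInterceptor` it registers is an empty class added in this same patch, so a host that calls it gets no enforcement and no error. Until the interceptor has behavior, I would keep the method `internal` or have it throw `NotImplementedException`, so it cannot be mistaken for a working guard. The three `using` directives in the new `AuthorizationInterceptor.cs` are unused and can be dropped. The `AddInterceptor()` call is shown without a type argument, which may be an artifact of how the patch was rendered.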
From: Radoslaw Wojtkiewicz Date: Fri, 18 Oct 2024 14:56:11 +0200 Subject: [PATCH 2/3] perfrom authorization on controler level --- .../Interceptors/AuthorizationInterceptor.cs | 10 ------- .../DependencyInjection.cs | 26 ++++++++++++++----- .../Stateflows.Transport.Http.csproj | 6 ++++- 3 files changed, 25 insertions(+), 17 deletions(-) delete mode 100644 Core/Stateflows/StateMachines/Interceptors/AuthorizationInterceptor.cs diff --git a/Core/Stateflows/StateMachines/Interceptors/AuthorizationInterceptor.cs b/Core/Stateflows/StateMachines/Interceptors/AuthorizationInterceptor.cs deleted file mode 100644 index f916687b..00000000 --- a/Core/Stateflows/StateMachines/Interceptors/AuthorizationInterceptor.cs +++ /dev/null @@ -1,10 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Text; - -namespace Stateflows.StateMachines.Interceptors -{ - internal class AuthorizationInterceptor - { - } -} diff --git a/Transport/Stateflows.Transport.Http/DependencyInjection.cs b/Transport/Stateflows.Transport.Http/DependencyInjection.cs index dd9331ce..eae14b70 100644 --- a/Transport/Stateflows.Transport.Http/DependencyInjection.cs +++ b/Transport/Stateflows.Transport.Http/DependencyInjection.cs @@ -8,8 +8,7 @@ using Stateflows.Common.Interfaces; using Stateflows.Common.Extensions; using Stateflows.Common.Transport.Classes; -using Stateflows.Common.Registration.Interfaces; -using Stateflows.StateMachines.Interceptors; +using Microsoft.AspNetCore.Authorization; namespace Stateflows.Transport.Http { 
@@ -30,11 +29,13 @@ public static IEndpointRouteBuilder MapStateflowsHttpTransport(this IEndpointRou INotificationsHub hub ) => { + var responseTime = DateTime.Now; using var reader = new StreamReader(context.Request.Body); var body = await reader.ReadToEndAsync(); var input = StateflowsJsonConverter.DeserializeObject(body); - + if (!AuthorizeUser(context, input.Event)) + return Results.Unauthorized(); var behaviorId = new BehaviorId(input.BehaviorId.Type, input.BehaviorId.Name, input.BehaviorId.Instance); if (locator.TryLocateBehavior(behaviorId, out var behavior)) { @@ -80,10 +81,23 @@ INotificationsHub hub return builder; } - public static IStateflowsBuilder AddAspAuthorization(this IStateflowsBuilder stateflowsBuilder) + private static bool AuthorizeUser(HttpContext context, Event stateflowsEvent) { - stateflowsBuilder.AddInterceptor(); - return stateflowsBuilder; + AuthorizeAttribute? authAttribute = (AuthorizeAttribute?)Attribute.GetCustomAttribute(stateflowsEvent.GetType(), typeof(AuthorizeAttribute)); + if (authAttribute != null) + { + var policy = authAttribute.Policy; + var user = context.User; + if (policy == null && user != null && user.Identity!.IsAuthenticated) + return true; + if (user != null && user.Claims.Any(c => c.Value.Equals(policy))) + { + return true; + } + return false; + } + return true; + } } } diff --git a/Transport/Stateflows.Transport.Http/Stateflows.Transport.Http.csproj b/Transport/Stateflows.Transport.Http/Stateflows.Transport.Http.csproj index 2165dc4b..201c9e5d 100644 --- a/Transport/Stateflows.Transport.Http/Stateflows.Transport.Http.csproj +++ b/Transport/Stateflows.Transport.Http/Stateflows.Transport.Http.csproj @@ -1,4 +1,4 @@ - + net6.0 @@ -37,6 +37,10 @@ + + + + From ad07aa72be0255945ed1071f78047e3c5f95243e Mon Sep 17 00:00:00 2001 
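Review bot: `input.Event` reaches `AuthorizeUser` without a null check, so a body that deserializes to null or carries no event fails inside `stateflowsEvent.GetType()` with an unhandled exception instead of being rejected; a guard such as `if (input?.Event is null) return Results.BadRequest();` before the authorization check would close that. `Results.Unauthorized()` is also returned when the caller is authenticated but lacks the required claim, where `Results.Forbid()` (403) is the conventional answer. The decision is taken only on the runtime type of the top-level event, so if any event type can carry other events, those would pass unchecked, which is worth confirming. The lambda body continues outside the hunk, so it is not visible whether the new `responseTime` local is used; if it is a timestamp for the response, `DateTime.UtcNow` avoids local-time ambiguity.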
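Review bot: `AuthorizeUser` treats `AuthorizeAttribute.Policy` as a claim value: `user.Claims.Any(c => c.Value.Equals(policy))` passes for any claim of any type whose value equals the policy name, that branch is not gated on `IsAuthenticated`, and the policy registered under that name is never evaluated. `Roles` and `AuthenticationSchemes` on the attribute are ignored, and because `AuthorizeAttribute` permits multiple instances, `Attribute.GetCustomAttribute` throws `AmbiguousMatchException` for an event type carrying two of them. `user.Identity!` also suppresses a null that `ClaimsPrincipal.Identity` can return. I would delegate to the framework by combining all `[Authorize]` data on the event type into one policy and evaluating it through `IAuthorizationService`. The sketch below assumes authorization services are registered in the host, and the call site becomes `if (!await AuthorizeUserAsync(context, input.Event))`.

```csharp
private static async Task<bool> AuthorizeUserAsync(HttpContext context, Event stateflowsEvent)
{
    // AuthorizeAttribute allows multiple instances; collect all of them so every requirement applies.
    var authorizeData = stateflowsEvent.GetType()
        .GetCustomAttributes<AuthorizeAttribute>(inherit: true)
        .ToArray();
    if (authorizeData.Length == 0)
    {
        return true;
    }

    // Resolves named policies and roles; a bare [Authorize] falls back to the default policy.
    var policyProvider = context.RequestServices.GetRequiredService<IAuthorizationPolicyProvider>();
    var policy = await AuthorizationPolicy.CombineAsync(policyProvider, authorizeData);
    if (policy is null)
    {
        return true;
    }

    var authorizationService = context.RequestServices.GetRequiredService<IAuthorizationService>();
    var result = await authorizationService.AuthorizeAsync(context.User, stateflowsEvent, policy);
    return result.Succeeded;
}
```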
From: Radoslaw Wojtkiewicz Date: Fri, 18 Oct 2024 15:02:12 +0200 Subject: [PATCH 3/3] add comment --- Transport/Stateflows.Transport.Http/DependencyInjection.cs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Transport/Stateflows.Transport.Http/DependencyInjection.cs b/Transport/Stateflows.Transport.Http/DependencyInjection.cs index eae14b70..8a93f382 100644 --- a/Transport/Stateflows.Transport.Http/DependencyInjection.cs +++ b/Transport/Stateflows.Transport.Http/DependencyInjection.cs @@ -34,6 +34,7 @@ INotificationsHub hub using var reader = new StreamReader(context.Request.Body); var body = await reader.ReadToEndAsync(); var input = StateflowsJsonConverter.DeserializeObject(body); + //temporary authorization solution if (!AuthorizeUser(context, input.Event)) return Results.Unauthorized(); var behaviorId = new BehaviorId(input.BehaviorId.Type, input.BehaviorId.Name, input.BehaviorId.Instance); @@ -83,7 +84,8 @@ INotificationsHub hub private static bool AuthorizeUser(HttpContext context, Event stateflowsEvent) { - AuthorizeAttribute? authAttribute = (AuthorizeAttribute?)Attribute.GetCustomAttribute(stateflowsEvent.GetType(), typeof(AuthorizeAttribute)); + AuthorizeAttribute? authAttribute = (AuthorizeAttribute?)Attribute.GetCustomAttribute(stateflowsEvent.GetType(), + typeof(AuthorizeAttribute)); if (authAttribute != null) { var policy = authAttribute.Policy;
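Review bot: The added comment `//temporary authorization solution` does not say what is temporary about the check or what is meant to replace it, so a later reader cannot tell which guarantees the `AuthorizeUser` call does and does not give. I would spell out the limitation and tie it to a tracking item, for example `// TODO(<tracking-issue>): temporary - only [Authorize] on the event type is honoured and Policy is matched against claim values; replace with real policy evaluation.` The second hunk only re-wraps the `GetCustomAttribute` call and needs no change.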