Adding an AuthorizationHandler via config

Question

In WCF, you can add an authorization policy through the web.config by using the serviceAuthorization node in a service behavior. Is there a way to include an AuthorizationHandler in .NET Core WebAPI via config?

To be clear, I'm trying to replace this line in Startup.cs with something in the web.config:

services.AddSingleton<IAuthorizationHandler, MyAuthorizationHandler>();

Answer 1

web.config is only used for IIS specific config. Because of .net-core's cross platform nature they ditched coupling to web config for application configuration.

A web.config file is required when hosting the app in IIS or IIS Express. Settings in web.config enable the ASP.NET Core Module to launch the app and configure other IIS settings and modules.

Reference Configure an ASP.NET Core App: The web.config file

Startup is your entry point into the application where you can have some settings in the json file and have your code add/update the configuration based on that.

My thinking is that it would save having to recompile every time you want to add something because configuration options allows you to Reload configuration data with IOptionsSnapshot
Requires ASP.NET Core 1.1 or later.

IOptionsSnapshot supports reloading options with minimal processing overhead. In ASP.NET Core 1.1, IOptionsSnapshot is a snapshot of IOptionsMonitor<TOptions> and updates automatically whenever the monitor triggers changes based on the data source changing. In ASP.NET Core 2.0 and later, options are computed once per request when accessed and cached for the lifetime of the request.

Your authorization handler(s) would depend on the options and perform its function based on the configurations provided.