HelloWorld
Reputation: 3759
How do I create a custom Authorize attribute that does not depend on claims in ASP.NET Core?
I want to create a custom AuthorizeAttribute that does the following:
- If the requested URL contains the query parameter id, normal authorization is required
- If the requested URL does not contain the query parameter id, no authorization is required
Reading https://learn.microsoft.com/en-us/aspnet/core/security/authorization/iauthorizationpolicyprovider?view=aspnetcore-3.1 does not make things very clear in this particular case.
Reading How do you create a custom AuthorizeAttribute in ASP.NET Core? also does not make things clear as it depends on claims.
Upvotes: 1
Views: 749
Answers (1)
Voodoo
Reputation: 1658
You can simply create Authorization Filter
public class CustomAuthorizationFilter : IAuthorizationFilter
{
public void OnAuthorization(AuthorizationFilterContext context)
{
string id = context.HttpContext.Request.Query["id"]?.ToString();
if (!string.IsNullOrEmpty(id))
{
// Authorization logic
}
}
}
Upvotes: 3
Related Questions
- How do you create a custom AuthorizeAttribute in ASP.NET Core?
- Custom Authorization Attribute in .Net Core 5
- Custom Authorization attribute asp.net core
- AuthorizeAttribute return Custom Value in ASP.net Core (Without Override)
- Custom Authorize attribute - ASP .NET Core 2.2
- How do you create a custom Policy AuthorizeAttribute in ASP.NET Core?
- ASP.NET Core 2.1 How to determine Claims without Authorize Attribute?
- Custom Authorize attribute without Identity and OWIN
- Use Authorize Attribute with Custom Claims based Authentication
- Asp.Net Core: Access custom AuthorizeAttribute property in AuthorizeHandler