Skip to content

.net core 7 AddAuthorizationRule not work #993

Description

@triumphtang

Program:

builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("111", policy =>
        policy.Requirements.Add(new MinimumAgeRequirement()));
});

builder.Services.AddTransient<IAuthorizationHandler, MinimumAgeHandler>();

builder.Services.AddGraphQL(b => b
    .AddSchema<Common_Base_Schemas>()
    .AddSchema<IMS_Schemas>()

    .AddAutoClrMappings()
    .AddSystemTextJson()
    .AddAuthorizationRule());

var app = builder.Build();

app.UseDeveloperExceptionPage();

app.UseAuthentication();
app.UseAuthorization();

app.UseWebSockets();

Query:

    public class Query
    {
        [AllowAnonymous]
        public static CompanyEntity? companyEntity()
        {
            return new CompanyEntity() { rowkey = Guid.NewGuid().ToString(), CompanyId = "11", CompanyName = "12" };
        }
        [Authorize(Policy = "111")]
        public static IEnumerable<CompanyEntity>? companyAll()
        {
            return new CompanyEntity[] { new CompanyEntity() { rowkey = Guid.NewGuid().ToString(), CompanyId = "A11"} };
        }
    }

MinimumAgeRequirement :

    public class MinimumAgeRequirement : IAuthorizationRequirement
    {
    }

MinimumAgeHandler :

    public class MinimumAgeHandler : AuthorizationHandler<MinimumAgeRequirement>
    {
        protected override Task HandleRequirementAsync(
            AuthorizationHandlerContext context, MinimumAgeRequirement requirement)
        {
            context.Succeed(requirement);

            return Task.CompletedTask;
        }
    }

Error accessing "companyAll":

{
   "error": {
     "errors": [
       {
         "message": "Access denied for field 'companyAll' on type 'Query'.",
         "locations": [
           {
             "line": 10,
             "column": 3
           }
         ],
         "extensions": {
           "code": "ACCESS_DENIED",
           "codes": [
             "ACCESS_DENIED"
           ]
         }
       }
     ]
   }
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    questionFurther information is requested

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions