Registered ASP.NET Core Auth when using the default provider (#6150)
michaelstaib authored May 12, 2023
1 parent a0cb5b7 commit 19f152c
Showing 5 changed files with 102 additions and 22 deletions.
@@ -1,3 +1,4 @@
using System;
using HotChocolate.AspNetCore.Authorization;
using HotChocolate.Execution.Configuration;

Expand All @@ -21,6 +22,45 @@ public static class HotChocolateAuthorizeRequestExecutorBuilder
public static IRequestExecutorBuilder AddAuthorization(
this IRequestExecutorBuilder builder)
{
if (builder == null)
{
throw new ArgumentNullException(nameof(builder));
}

builder.Services.AddAuthorization();
builder.AddAuthorizationHandler<DefaultAuthorizationHandler>();
return builder;
}

/// <summary>
/// Adds the default authorization support to the schema that
/// uses Microsoft.AspNetCore.Authorization.
/// </summary>
/// <param name="builder">
/// The <see cref="IRequestExecutorBuilder"/>.
/// </param>
/// <param name="configure">
/// An action delegate to configure the provided
/// <see cref="Microsoft.AspNetCore.Authorization.AuthorizationOptions"/>.
/// </param>
/// <returns>
/// Returns the <see cref="IRequestExecutorBuilder"/> for chaining in more configurations.
/// </returns>
public static IRequestExecutorBuilder AddAuthorization(
this IRequestExecutorBuilder builder,
Action<AspNetCore.Authorization.AuthorizationOptions> configure)
{
if (builder == null)
{
throw new ArgumentNullException(nameof(builder));
}

if (configure == null)
{
throw new ArgumentNullException(nameof(configure));
}

builder.Services.AddAuthorization(configure);
builder.AddAuthorizationHandler<DefaultAuthorizationHandler>();
return builder;
}
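Review bot: The XML doc on the new `AddAuthorization(builder, configure)` overload describes schema-level support, but `builder.Services.AddAuthorization(configure)` applies the delegate to the ASP.NET Core `AuthorizationOptions` in the service collection, which is presumably the one the rest of the application uses, so a `DefaultPolicy` or `FallbackPolicy` set here would not be limited to GraphQL fields. I would state that in the doc, for example `/// <remarks>The options are configured on builder.Services and are shared with every other consumer of ASP.NET Core authorization in the application.</remarks>`. The parameterless overload, whose signature and doc comment start outside this hunk, now also calls `builder.Services.AddAuthorization()`, and its summary should mention that it registers the ASP.NET Core authorization services.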
@@ -1,9 +1,5 @@
<Project Sdk="Microsoft.NET.Sdk">

<PropertyGroup>
<TargetFrameworks>$(LibraryTargetFrameworks)</TargetFrameworks>
</PropertyGroup>

<PropertyGroup>
<PackageId>HotChocolate.AspNetCore.Authorization</PackageId>
<AssemblyName>HotChocolate.AspNetCore.Authorization</AssemblyName>
Expand All @@ -16,8 +12,7 @@
</ItemGroup>

<ItemGroup>
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="3.1.4" />
<PackageReference Include="Microsoft.AspNetCore.Authorization" Version="3.1.4" />
<FrameworkReference Include="Microsoft.AspNetCore.App" />
</ItemGroup>

</Project>
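Review bot: `<FrameworkReference Include="Microsoft.AspNetCore.App" />` only resolves for .NET Core 3.0 or later target frameworks, and the `<TargetFrameworks>$(LibraryTargetFrameworks)</TargetFrameworks>` group appears to be removed in the same section, so the targets now come from somewhere this page does not show. If the package previously shipped a netstandard target, this drops it for consumers and should be called out in the release notes. A short comment above the reference, `<!-- Requires the ASP.NET Core shared framework; authorization assemblies now follow the host runtime's servicing. -->`, would record why the pinned 3.1.4 packages were replaced.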
Expand Up @@ -63,6 +63,27 @@ public async Task DefaultPolicy_NotFound_But_Allowed(Action<IRequestExecutorBuil
result.MatchSnapshot();
}

[Fact]
public async Task DefaultPolicy_NotFound_But_Allowed_2()
{
// arrange
var server = CreateTestServer(
builder =>
{
builder
.AddQueryType<AuthorizationAttributeTestData.Query>()
.AddAuthorization(options => options.DefaultPolicy = null!);
},
context => context.User = new ClaimsPrincipal(new ClaimsIdentity("abc")));

// act
var result = await server.PostAsync(new ClientQueryRequest { Query = "{ default }" });

// assert
Assert.Equal(HttpStatusCode.OK, result.StatusCode);
result.MatchSnapshot();
}

[Theory]
[ClassData(typeof(AuthorizationTestData))]
[ClassData(typeof(AuthorizationAttributeTestData))]
Expand Down Expand Up @@ -118,7 +139,7 @@ public async Task DefaultPolicy_Disallow_Anonymous(Action<IRequestExecutorBuilde
[Theory]
[ClassData(typeof(AuthorizationTestData))]
[ClassData(typeof(AuthorizationAttributeTestData))]
public async Task NoAuthServices(Action<IRequestExecutorBuilder> configure)
public async Task AuthServiceIsAlwaysAdded(Action<IRequestExecutorBuilder> configure)
{
// arrange
var server = CreateTestServer(
Expand All @@ -137,8 +158,34 @@ public async Task NoAuthServices(Action<IRequestExecutorBuilder> configure)
await server.PostAsync(new ClientQueryRequest { Query = "{ age }" });

// assert
Assert.Equal(HttpStatusCode.InternalServerError, result.StatusCode);
result.MatchSnapshot();
result.MatchInlineSnapshot(
"""
{
"ContentType": "application/graphql-response+json; charset=utf-8",
"StatusCode": "OK",
"Data": {
"age": null
},
"Errors": [
{
"message": "The `HasAgeDefined` authorization policy does not exist.",
"locations": [
{
"line": 1,
"column": 3
}
],
"path": [
"age"
],
"extensions": {
"code": "AUTH_POLICY_NOT_FOUND"
}
}
],
"Extensions": null
}
""");
}

[Theory]
Expand Down Expand Up @@ -627,12 +674,12 @@ public void AddAuthorizeDirectiveType_SchemaBuilderIsNull_ArgNullExec()
{
// arrange
// act
static void action() =>
static void Action() =>
AuthorizeSchemaBuilderExtensions
.AddAuthorizeDirectiveType(null!);

// assert
Assert.Throws<ArgumentNullException>(action);
Assert.Throws<ArgumentNullException>(Action);
}

private TestServer CreateTestServer(
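Review bot: `DefaultPolicy_NotFound_But_Allowed_2` only exercises an authenticated principal (`new ClaimsIdentity("abc")`) with `options.DefaultPolicy = null!`, so the section pins the allow path of the new overload but not what an anonymous caller gets when the default policy is cleared. A companion test with `context.User = new ClaimsPrincipal(new ClaimsIdentity())` would pin that outcome, assuming the intent is that the `default` field stays closed to unauthenticated requests; the existing `DefaultPolicy_Disallow_Anonymous` theory may cover other configurations, but its body is outside this page. The `_2` suffix also hides what differs from the theory above; a name such as `DefaultPolicy_Null_AuthenticatedUser_Allowed` says it.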
@@ -0,0 +1,9 @@
{
"ContentType": "application/graphql-response+json; charset=utf-8",
"StatusCode": "OK",
"Data": {
"default": "foo"
},
"Errors": null,
"Extensions": null
}

This file was deleted.
