From 1e8d3a483673dc30b01af425f897acd40102ea05 Mon Sep 17 00:00:00 2001 From: Tony Hallett Date: Fri, 17 May 2024 16:57:05 +0100 Subject: [PATCH] Correct iard.md Remove all references to the MinimumAgePolicyProvider that is not used when using IAuthorizationRequirementData. The middleware constructs a policy adding the requirements from IAuthorizationRequirementData.GetRequirements https://github.com/dotnet/aspnetcore/blob/82b0fc9f43ae2bd50fb95f427116efc2f6f094df/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs#L130 --- aspnetcore/security/authorization/iard.md | 23 ++--------------------- 1 file changed, 2 insertions(+), 21 deletions(-) diff --git a/aspnetcore/security/authorization/iard.md b/aspnetcore/security/authorization/iard.md index 268e892bbcd3..b3a4d52a0436 100644 --- a/aspnetcore/security/authorization/iard.md +++ b/aspnetcore/security/authorization/iard.md @@ -13,32 +13,13 @@ Consider the following sample that implements a custom `MinimumAgeAuthorizationH :::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/AuthRequirementsData/Program.cs" highlight="9"::: -The `MinimumAgeAuthorizationHandler` class: +The `MinimumAgeAuthorizationHandler` class handles the single IAuthorizationRequirement provided by the MinimumAgeAuthorizeAttribute implementation of IAuthorizationRequirementData, as specified by the generic parameter MinimumAgeAuthorizeAttribute. :::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/AuthRequirementsData/Authorization/MinimumAgeAuthorizationHandler.cs" highlight="7,19"::: -The custom `MinimumAgePolicyProvider`: - -:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/AuthRequirementsData/Authorization/MinimumAgePolicyProvider.cs" id="snippet_all"::: - -ASP.NET Core only uses one authorization policy provider. If the custom implementation -doesn't handle all policies, including default policies, etc., it should fall back to an -alternate provider. In the preceding sample, a default authorization policy provider is: - -* Constructed with options from the [dependency injection container](xref:fundamentals/dependency-injection). -* Used if this custom provider isn't able to handle a given policy name. - -If a custom policy provider is able to handle all expected policy names, setting the fallback policy with isn't required. - -:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/AuthRequirementsData/Authorization/MinimumAgePolicyProvider.cs" id="snippet_1"::: - -Policies are looked up by string name, therefore parameters, for example, `age`, are embedded in the policy names. This is abstracted away from developers by the more strongly-typed attributes derived from . For example, the `[MinimumAgeAuthorize()]` attribute in this sample looks up policies by string name. - -:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/AuthRequirementsData/Authorization/MinimumAgePolicyProvider.cs" id="snippet_2"::: - The `MinimumAgeAuthorizeAttribute` uses the interface that allows the attribute definition to specify the requirements associated with the authorization policy: -:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/AuthRequirementsData/Authorization/MinimumAgeAuthorizeAttribute.cs" highlight="6"::: +:::code language="csharp" source="~/../AspNetCore.Docs.Samples/security/authorization/AuthRequirementsData/Authorization/MinimumAgeAuthorizeAttribute.cs" highlight="6,11"::: The `GreetingsController` displays the user's name when they satisfy the minimum age policy: