Authorization Interceptor
12 views
Skip to first unread message
Barry Dahlberg
Oct 20, 2009, 2:28:17 AM10/20/09
to OpenRasta
What is the best way to get information in and out of an
OperationInterceptor? I have the following which works but feels a
bit clunky:
public class Authorizer : OperationInterceptor
{
readonly IDependencyResolver dependencyResolver;
public Authorizer(IDependencyResolver dependencyResolver)
{
this.dependencyResolver = dependencyResolver;
}
public override bool BeforeExecute(IOperation operation)
{
// Was UserContext added by our authentication
contributor?
if (dependencyResolver.HasDependency<UserContext>())
return true;
// Are unauthenticated users allowed to call this?
if(operation.FindAttribute<PublicAttribute>() != null)
return true;
// Reject the request
var context =
dependencyResolver.Resolve<ICommunicationContext>();
context.OperationResult = new OperationResult.Unauthorized
();
return false;
}
}
1. Can I have the communication context injected somehow so I don't
need to call resolve?
2. Is this the correct way to reject the request?
I notice some comments a while ago about writing some documentation
for interceptors but haven't been able to find any so I assume it's
not done yet.
Thanks
Barry
OperationInterceptor? I have the following which works but feels a
bit clunky:
public class Authorizer : OperationInterceptor
{
readonly IDependencyResolver dependencyResolver;
public Authorizer(IDependencyResolver dependencyResolver)
{
this.dependencyResolver = dependencyResolver;
}
public override bool BeforeExecute(IOperation operation)
{
// Was UserContext added by our authentication
contributor?
if (dependencyResolver.HasDependency<UserContext>())
return true;
// Are unauthenticated users allowed to call this?
if(operation.FindAttribute<PublicAttribute>() != null)
return true;
// Reject the request
var context =
dependencyResolver.Resolve<ICommunicationContext>();
context.OperationResult = new OperationResult.Unauthorized
();
return false;
}
}
1. Can I have the communication context injected somehow so I don't
need to call resolve?
2. Is this the correct way to reject the request?
I notice some comments a while ago about writing some documentation
for interceptors but haven't been able to find any so I assume it's
not done yet.
Thanks
Barry
Reply all
Reply to author
Forward
0 new messages