in src/Microsoft.Azure.SignalR/Utilities/AuthorizeHelper.cs [19:71]
public static async Task<bool> AuthorizeAsync(HttpContext context, IList<IAuthorizeData> policies)
{
if (policies.Count == 0)
{
return true;
}
var policyProvider = context.RequestServices.GetRequiredService<IAuthorizationPolicyProvider>();
var authorizePolicy = await AuthorizationPolicy.CombineAsync(policyProvider, policies);
var policyEvaluator = context.RequestServices.GetRequiredService<IPolicyEvaluator>();
// This will set context.User if required
var authenticateResult = await policyEvaluator.AuthenticateAsync(authorizePolicy, context);
var authorizeResult = await policyEvaluator.AuthorizeAsync(authorizePolicy, authenticateResult, context, resource: null);
if (authorizeResult.Succeeded)
{
return true;
}
else if (authorizeResult.Challenged)
{
if (authorizePolicy.AuthenticationSchemes.Count > 0)
{
foreach (var scheme in authorizePolicy.AuthenticationSchemes)
{
await context.ChallengeAsync(scheme);
}
}
else
{
await context.ChallengeAsync();
}
return false;
}
else if (authorizeResult.Forbidden)
{
if (authorizePolicy.AuthenticationSchemes.Count > 0)
{
foreach (var scheme in authorizePolicy.AuthenticationSchemes)
{
await context.ForbidAsync(scheme);
}
}
else
{
await context.ForbidAsync();
}
return false;
}
return false;
}