Azure 服务的 C# 授权过滤器?
C# Authorization filters for Azure Services?
问题:是否有针对 ASP.NET Web API 的过滤器可以过滤请求以仅允许来自其他 Azure 服务的调用?
像这样的授权过滤器存在于它可以读取策略的地方,但是如果说,这个服务必须调用另一个 azure 服务来获取一些额外的信息,我希望能够使它成为一个受保护的端点,特别是它与之交互的其他 Azure 服务。最好的方法是什么?
[HttpGet("HQClient/{clientID}")]
[Authorize(Policy = "read:clients")]
public async Task<ActionResult<HQClient>> GetHQClientByID(Guid clientID)
{
// Implementation
}
编写一个中间件来检查请求是否来自 Azure 服务,并从启动 class(asp.net 核心)或 MVCApplication [=21= 中的“Configure”方法中调用它] 方法(asp.net MVC)
public void Configure(IApplicationBuilder app)
{
app.Use(async (context, next) =>
{
//write the code that check for azure services then..
//this calls the next delegate/middleware in the pipeline
await next();
});
}
您还可以编写自定义过滤器并在那里执行逻辑
//sample filter
class AuthorizeOnlyAzureServices : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
//check for azure services
}
}
//sample filter usage
public class HomeController : Controller
{
[AuthorizeOnlyAzureServices]
public ActionResult Index()
{
return View();
}
}
您也可以类似地使用属性
//sample attribute
public class AuthorizeOnlyAzureServicesAttribute : System.Attribute
{
public AuthorizeOnlyAzureServicesAttribute(HttpRequest request)
{
//check that the request is from azure service
}
}
//sample usage
[AuthorizeOnlyAzureServices(System.Web.HttpContext.Current.Request)]
public ActionResult Index()
{
//code goes here
return View();
}
问题:是否有针对 ASP.NET Web API 的过滤器可以过滤请求以仅允许来自其他 Azure 服务的调用?
像这样的授权过滤器存在于它可以读取策略的地方,但是如果说,这个服务必须调用另一个 azure 服务来获取一些额外的信息,我希望能够使它成为一个受保护的端点,特别是它与之交互的其他 Azure 服务。最好的方法是什么?
[HttpGet("HQClient/{clientID}")]
[Authorize(Policy = "read:clients")]
public async Task<ActionResult<HQClient>> GetHQClientByID(Guid clientID)
{
// Implementation
}
编写一个中间件来检查请求是否来自 Azure 服务,并从启动 class(asp.net 核心)或 MVCApplication [=21= 中的“Configure”方法中调用它] 方法(asp.net MVC)
public void Configure(IApplicationBuilder app)
{
app.Use(async (context, next) =>
{
//write the code that check for azure services then..
//this calls the next delegate/middleware in the pipeline
await next();
});
}
您还可以编写自定义过滤器并在那里执行逻辑
//sample filter
class AuthorizeOnlyAzureServices : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
//check for azure services
}
}
//sample filter usage
public class HomeController : Controller
{
[AuthorizeOnlyAzureServices]
public ActionResult Index()
{
return View();
}
}
您也可以类似地使用属性
//sample attribute
public class AuthorizeOnlyAzureServicesAttribute : System.Attribute
{
public AuthorizeOnlyAzureServicesAttribute(HttpRequest request)
{
//check that the request is from azure service
}
}
//sample usage
[AuthorizeOnlyAzureServices(System.Web.HttpContext.Current.Request)]
public ActionResult Index()
{
//code goes here
return View();
}