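Hello,
I am trying to implement policy-based authorization in a Hot Chocolate GraphQL server.
I was looking at their documentation and referring to Microsoft's guide.
What I want to achieve
I want HandleRequirementAsync() to be called whenever a User query is being called.
What I have done
User policy in ConfigureServices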
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddHttpContextAccessor();
        services.AddAuthorization(options =>
        {
            options.AddPolicy("UserPolicy",
                policy => policy.Requirements.Add(new UserRequirement()));
        });
        services.AddSingleton<Query>();
        services.AddSingleton<IAuthorizationHandler, UserAuthorizationHandler>();
        services.AddSingleton(typeof(IUserRepo), typeof(UserRepo));
        services.AddSingleton(typeof(IBookRepository), typeof(BookRepository));
        services.AddGraphQL(
            SchemaBuilder.New()
                .AddAuthorizeDirectiveType()
                .AddType<UserType>()
                .AddType<BookType>()
                .AddQueryType<Query>());
    }
User requirement class and handler
    public class UserAuthorizationHandler : AuthorizationHandler<UserRequirement, IResolverContext>
    {
        private IHttpContextAccessor _accessor;

        public UserAuthorizationHandler([Service] IHttpContextAccessor accessor)
        {
            _accessor = accessor;
        }

        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, UserRequirement requirement,
            IResolverContext resource)
        {
            context.Succeed(requirement);
            return Task.CompletedTask;
        }
    }

    public class UserRequirement : IAuthorizationRequirement
    {
    }

    public class UserType
        : ObjectType<User>
    {
        protected override void Configure(IObjectTypeDescriptor<User> descriptor)
        {
            descriptor.Field(t => t.Name).Type<NonNullType<StringType>>().Authorize("UserPolicy");
            descriptor.Field(t => t.Id).Type<NonNullType<StringType>>();
        }
    }
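Problem
When running this code, I expect HandleRequirementAsync to be called. This method should always succeed. However, when requesting a user, what actually happens is that the method is not called, and the request is immediately rejected with the following response:

    {
      "errors": [
        {
          "message": "The current user is not authorized to access this resource.",
          "locations": [
            {
              "line": 3,
              "column": 5
            }
          ],
          "path": [
            "user",
            "name"
          ],
          "extensions": {
            "code": "AUTH_NOT_AUTHENTICATED"
          }
        }
      ]
    }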
Best answer
I just had a similar problem. In my case, I had to make sure that in

    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)

I have

    app.UseAuthentication();
    app.UseAuthorization();

first, and then

    app.UseWebSockets()
        .UseGraphQL("/graphql")
        .UsePlayground("/graphql")
        .UseVoyager("/graphql");
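
The ordering from the answer, placed in a full Startup class. This is an added example, not code from the original post or from the Hot Chocolate project; the JWT bearer scheme and its placeholder issuer and audience are assumptions, and UserRequirement, UserAuthorizationHandler, UserType, BookType, Query and the repository types are the ones defined in the question.

```csharp
using HotChocolate;
using HotChocolate.AspNetCore;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        // Assumption: callers send a JWT bearer token. Any scheme will do, but
        // one must be registered so UseAuthentication() can set HttpContext.User.
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                options.Authority = "https://idp.example.invalid"; // placeholder issuer
                options.Audience = "graphql-api";                  // placeholder audience
            });

        services.AddHttpContextAccessor();
        services.AddAuthorization(options =>
            options.AddPolicy("UserPolicy",
                policy => policy.Requirements.Add(new UserRequirement())));
        services.AddSingleton<IAuthorizationHandler, UserAuthorizationHandler>();

        // Types from the question.
        services.AddSingleton<Query>();
        services.AddSingleton(typeof(IUserRepo), typeof(UserRepo));
        services.AddSingleton(typeof(IBookRepository), typeof(BookRepository));
        services.AddGraphQL(
            SchemaBuilder.New()
                .AddAuthorizeDirectiveType()
                .AddType<UserType>()
                .AddType<BookType>()
                .AddQueryType<Query>());
    }

    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        // Middleware runs in the order it is added. Authentication has to set
        // HttpContext.User before the GraphQL middleware handles the request;
        // if UseGraphQL came first, it would see an anonymous user.
        app.UseAuthentication();
        app.UseAuthorization();

        app.UseWebSockets()
            .UseGraphQL("/graphql");
    }
}
```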
Regarding asp.net-core - HandleRequirementAsync is not called when using authorization in Hot Chocolate, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/61040078/