I have migrated my project from asp.net core 2.1 to .NET 6, and now I am facing an error with `context.Resource as AuthorizationFilterContext` which is return NULL.
I have implemented a custom Policy-based authorization using AuthorizationFilterContext, It seems that.NET 6 does not support `AuthorizationFilterContext` Please help me how to modify the below code from asp.net core 2.1 to .NET6. thank you.
Here is the error message in this line `var mvcContext = context.Resource as AuthorizationFilterContext;`
> **mvcContext == NULL**
Here is the Implemention Code of `AuthorizationHandler` and `AuthorizationHandlerContext`
public class HasAccessRequirment : IAuthorizationRequirement { } public class HasAccessHandler : AuthorizationHandler<HasAccessRequirment> { public readonly HoshmandDBContext _context; public HasAccessHandler(HoshmandDBContext context) { _context = context; } protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, HasAccessRequirment requirement) { Contract.Ensures(Contract.Result<Task>() != null); List<int?> userGroupIds = new List<int?>(); // receive the function informations var mvcContext = context.Resource as AuthorizationFilterContext; if ((mvcContext != null) && !context.User.Identity.IsAuthenticated) { mvcContext.Result = new RedirectToActionResult("UserLogin", "Logins", null); return Task.FromResult(Type.Missing); } if (!(mvcContext?.ActionDescriptor is ControllerActionDescriptor descriptor)) { return Task.FromResult(Type.Missing); } var currntActionAddress = descriptor.ControllerName + "/" + descriptor.ActionName; // finding all information about controller and method from Tables // check user has access to current action which is being called //allActionInfo = ListAcctionsFromDatabase; //bool isPostBack = allActionInfo.FirstOrDefault(a => a.action == currntActionAddress)?.IsMenu ?? true; bool isPostBack = false; if (!isPostBack) { mvcContext.Result = new RedirectToActionResult("AccessDenied", descriptor.ControllerName, null); context.Succeed(requirement); return Task.CompletedTask; } else { mvcContext.Result = new RedirectToActionResult("AccessDeniedView", descriptor.ControllerName, null); context.Succeed(requirement); return Task.CompletedTask; } } }
Here is my Program.cs Code:
builder.Services.AddAuthorization(options => { options.AddPolicy("HasAccess", policy => policy.AddRequirements(new HasAccessRequirment())); }); builder.Services.AddTransient<IAuthorizationHandler, HasAccessHandler>();
Here is the Controller Code:
[Authorize(policy: "HasAccess")] public class HomeController : BaseController { }