88using System . Security . Principal ;
99using System . Threading . Tasks ;
1010using Microsoft . Extensions . Logging ;
11+ using Microsoft . Extensions . Options ;
1112
1213namespace Microsoft . AspNetCore . Authorization
1314{
@@ -16,6 +17,7 @@ namespace Microsoft.AspNetCore.Authorization
1617 /// </summary>
1718 public class DefaultAuthorizationService : IAuthorizationService
1819 {
20+ private readonly AuthorizationOptions _options ;
1921 private readonly IAuthorizationHandlerContextFactory _contextFactory ;
2022 private readonly IAuthorizationEvaluator _evaluator ;
2123 private readonly IAuthorizationPolicyProvider _policyProvider ;
@@ -28,7 +30,7 @@ public class DefaultAuthorizationService : IAuthorizationService
2830 /// <param name="policyProvider">The <see cref="IAuthorizationPolicyProvider"/> used to provide policies.</param>
2931 /// <param name="handlers">The handlers used to fulfill <see cref="IAuthorizationRequirement"/>s.</param>
3032 /// <param name="logger">The logger used to log messages, warnings and errors.</param>
31- public DefaultAuthorizationService ( IAuthorizationPolicyProvider policyProvider , IEnumerable < IAuthorizationHandler > handlers , ILogger < DefaultAuthorizationService > logger ) : this ( policyProvider , handlers , logger , new DefaultAuthorizationHandlerContextFactory ( ) , new DefaultAuthorizationEvaluator ( ) ) { }
33+ public DefaultAuthorizationService ( IAuthorizationPolicyProvider policyProvider , IEnumerable < IAuthorizationHandler > handlers , ILogger < DefaultAuthorizationService > logger ) : this ( policyProvider , handlers , logger , new DefaultAuthorizationHandlerContextFactory ( ) , new DefaultAuthorizationEvaluator ( ) , Options . Create ( new AuthorizationOptions ( ) ) ) { }
3234
3335 /// <summary>
3436 /// Creates a new instance of <see cref="DefaultAuthorizationService"/>.
@@ -38,8 +40,13 @@ public class DefaultAuthorizationService : IAuthorizationService
3840 /// <param name="logger">The logger used to log messages, warnings and errors.</param>
3941 /// <param name="contextFactory">The <see cref="IAuthorizationHandlerContextFactory"/> used to create the context to handle the authorization.</param>
4042 /// <param name="evaluator">The <see cref="IAuthorizationEvaluator"/> used to determine if authorzation was successful.</param>
41- public DefaultAuthorizationService ( IAuthorizationPolicyProvider policyProvider , IEnumerable < IAuthorizationHandler > handlers , ILogger < DefaultAuthorizationService > logger , IAuthorizationHandlerContextFactory contextFactory , IAuthorizationEvaluator evaluator )
43+ /// <param name="options">The <see cref="AuthorizationOptions"/> used.</param>
44+ public DefaultAuthorizationService ( IAuthorizationPolicyProvider policyProvider , IEnumerable < IAuthorizationHandler > handlers , ILogger < DefaultAuthorizationService > logger , IAuthorizationHandlerContextFactory contextFactory , IAuthorizationEvaluator evaluator , IOptions < AuthorizationOptions > options )
4245 {
46+ if ( options == null )
47+ {
48+ throw new ArgumentNullException ( nameof ( options ) ) ;
49+ }
4350 if ( policyProvider == null )
4451 {
4552 throw new ArgumentNullException ( nameof ( policyProvider ) ) ;
@@ -61,6 +68,7 @@ public DefaultAuthorizationService(IAuthorizationPolicyProvider policyProvider,
6168 throw new ArgumentNullException ( nameof ( evaluator ) ) ;
6269 }
6370
71+ _options = options . Value ;
6472 _handlers = handlers . ToArray ( ) ;
6573 _policyProvider = policyProvider ;
6674 _logger = logger ;
@@ -89,6 +97,10 @@ public async Task<bool> AuthorizeAsync(ClaimsPrincipal user, object resource, IE
8997 foreach ( var handler in _handlers )
9098 {
9199 await handler . HandleAsync ( authContext ) ;
100+ if ( ! _options . InvokeHandlersAfterFailure && authContext . HasFailed )
101+ {
102+ break ;
103+ }
92104 }
93105
94106 if ( _evaluator . HasSucceeded ( authContext ) )
0 commit comments