[C#/ASP.NET MVC/.NETCORE] DefaultAuthorizationPolicyProvider 클래스 : 커스텀 권한 정책 공급자 사용하기

■ DefaultAuthorizationPolicyProvider 클래스에서 커스텀 권한 정책 공급자를 사용하는 방법을 보여준다.

▶ Providers/CustomPolicyNameList.cs


using System.Collections.Generic;

namespace TestProject.Providers
{
    /// <summary>
    /// 커스텀 정책명 리스트
    /// </summary>
    public static class CustomPolicyNameList
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Field
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region Field

        /// <summary>
        /// 보안 레벨
        /// </summary>
        public const string SecurityLevel = "SecurityLevel";

        /// <summary>
        /// 순위
        /// </summary>
        public const string Rank = "Rank";

        #endregion

        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 구하기 - Get()

        /// <summary>
        /// 구하기
        /// </summary>
        /// <returns>리스트</returns>
        public static List<string> Get()
        {
            return new List<string>
            {
                SecurityLevel,
                Rank
            };
        }

        #endregion
    }
}

using System.Collections.Generic;

namespace TestProject.Providers

{

/// <summary>

/// 커스텀 정책명 리스트

/// </summary>

public static class CustomPolicyNameList

{

//////////////////////////////////////////////////////////////////////////////////////////////////// Field

////////////////////////////////////////////////////////////////////////////////////////// Public

#region Field

/// <summary>

/// 보안 레벨

/// </summary>

public const string SecurityLevel = "SecurityLevel";

/// <summary>

/// 순위

/// </summary>

public const string Rank = "Rank";

#endregion

//////////////////////////////////////////////////////////////////////////////////////////////////// Method

////////////////////////////////////////////////////////////////////////////////////////// Public

#region 구하기 - Get()

/// <summary>

/// 구하기

/// </summary>

/// <returns>리스트</returns>

public static List<string> Get()

{

return new List<string>

{

SecurityLevel,

Rank

};

}

#endregion

}

▶ Providers/SecurityLevelAuthorizationRequirement.cs


using Microsoft.AspNetCore.Authorization;

namespace TestProject.Providers
{
    /// <summary>
    /// 보안 레벨 권한 요청
    /// </summary>
    public class SecurityLevelAuthorizationRequirement : IAuthorizationRequirement
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Property
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 보안 레벨 - SecurityLevel

        /// <summary>
        /// 보안 레벨
        /// </summary>
        public int SecurityLevel { get; private set; }

        #endregion

        //////////////////////////////////////////////////////////////////////////////////////////////////// Constructor
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 생성자 - SecurityLevelRequirement(securityLevel)

        /// <summary>
        /// 생성자
        /// </summary>
        /// <param name="securityLevel">보안 레벨</param>
        public SecurityLevelAuthorizationRequirement(int securityLevel)
        {
            SecurityLevel = securityLevel;
        }

        #endregion
    }
}

using Microsoft.AspNetCore.Authorization;

namespace TestProject.Providers

{

/// <summary>

/// 보안 레벨 권한 요청

/// </summary>

public class SecurityLevelAuthorizationRequirement : IAuthorizationRequirement

{

//////////////////////////////////////////////////////////////////////////////////////////////////// Property

////////////////////////////////////////////////////////////////////////////////////////// Public

#region 보안 레벨 - SecurityLevel

/// <summary>

/// 보안 레벨

/// </summary>

public int SecurityLevel { get; private set; }

#endregion

//////////////////////////////////////////////////////////////////////////////////////////////////// Constructor

////////////////////////////////////////////////////////////////////////////////////////// Public

#region 생성자 - SecurityLevelRequirement(securityLevel)

/// <summary>

/// 생성자

/// </summary>

/// <param name="securityLevel">보안 레벨</param>

public SecurityLevelAuthorizationRequirement(int securityLevel)

{

SecurityLevel = securityLevel;

}

#endregion

}

▶ Providers/CustomAuthorizationPilicyFactory.cs


using Microsoft.AspNetCore.Authorization;
using System;
using System.Linq;

namespace TestProject.Providers
{
    /// <summary>
    /// 커스텀 권한 정책 팩토리
    /// </summary>
    public static class CustomAuthorizationPilicyFactory
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Static
        //////////////////////////////////////////////////////////////////////////////// Public

        #region 생성하기 - Create(policyName)

        /// <summary>
        /// 생성하기
        /// </summary>
        /// <param name="policyName">정책명</param>
        /// <returns>권한 정책</returns>
        public static AuthorizationPolicy Create(string policyName)
        {
            string[] partArray = policyName.Split('.');
            string   type      = partArray.First();
            string   value     = partArray.Last();

            switch(type)
            {
                case CustomPolicyNameList.Rank :

                    return new AuthorizationPolicyBuilder()
                        .RequireClaim("Rank", value)
                        .Build();

                case CustomPolicyNameList.SecurityLevel :

                    return new AuthorizationPolicyBuilder()
                        .AddRequirements(new SecurityLevelAuthorizationRequirement(Convert.ToInt32(value)))
                        .Build();

                default :

                    return null;
            }
        }

        #endregion
    }
}

using Microsoft.AspNetCore.Authorization;

using System;

using System.Linq;

namespace TestProject.Providers

{

/// <summary>

/// 커스텀 권한 정책 팩토리

/// </summary>

public static class CustomAuthorizationPilicyFactory

{

//////////////////////////////////////////////////////////////////////////////////////////////////// Method

////////////////////////////////////////////////////////////////////////////////////////// Static

//////////////////////////////////////////////////////////////////////////////// Public

#region 생성하기 - Create(policyName)

/// <summary>

/// 생성하기

/// </summary>

/// <param name="policyName">정책명</param>

/// <returns>권한 정책</returns>

public static AuthorizationPolicy Create(string policyName)

{

string[] partArray = policyName.Split('.');

string type = partArray.First();

string value = partArray.Last();

switch(type)

{

case CustomPolicyNameList.Rank :

return new AuthorizationPolicyBuilder()

.RequireClaim("Rank", value)

.Build();

case CustomPolicyNameList.SecurityLevel :

return new AuthorizationPolicyBuilder()

.AddRequirements(new SecurityLevelAuthorizationRequirement(Convert.ToInt32(value)))

.Build();

default :

return null;

}

#endregion

}

▶ Providers/CustomAuthorizationPolicyProvider.cs


using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Options;
using System.Threading.Tasks;

namespace TestProject.Providers
{
    /// <summary>
    /// 커스텀 권한 정책 공급자
    /// </summary>
    public class CustomAuthorizationPolicyProvider : DefaultAuthorizationPolicyProvider
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Constructor
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 생성자 - CustomAuthorizationPolicyProvider(options)

        /// <summary>
        /// 생성자
        /// </summary>
        /// <param name="options">옵션</param>
        public CustomAuthorizationPolicyProvider(IOptions<AuthorizationOptions> options) : base(options)
        {
        }

        #endregion

        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 정책 구하기 (비동기) - GetPolicyAsync(policyName)

        /// <summary>
        /// 정책 구하기 (비동기)
        /// </summary>
        /// <param name="policyName">정책명</param>
        /// <returns>권한 정책 태스크</returns>
        public override Task<AuthorizationPolicy> GetPolicyAsync(string policyName)
        {
            foreach(string customPolicyName in CustomPolicyNameList.Get())
            {
                if(policyName.StartsWith(customPolicyName))
                {
                    AuthorizationPolicy policy = CustomAuthorizationPilicyFactory.Create(policyName);

                    return Task.FromResult(policy);
                }
            }

            return base.GetPolicyAsync(policyName);
        }

        #endregion
    }
}

using Microsoft.AspNetCore.Authorization;

using Microsoft.Extensions.Options;

using System.Threading.Tasks;

namespace TestProject.Providers

{

/// <summary>

/// 커스텀 권한 정책 공급자

/// </summary>

public class CustomAuthorizationPolicyProvider : DefaultAuthorizationPolicyProvider

{

//////////////////////////////////////////////////////////////////////////////////////////////////// Constructor

////////////////////////////////////////////////////////////////////////////////////////// Public

#region 생성자 - CustomAuthorizationPolicyProvider(options)

/// <summary>

/// 생성자

/// </summary>

/// <param name="options">옵션</param>

public CustomAuthorizationPolicyProvider(IOptions<AuthorizationOptions> options) : base(options)

{

}

#endregion

//////////////////////////////////////////////////////////////////////////////////////////////////// Method

////////////////////////////////////////////////////////////////////////////////////////// Public

#region 정책 구하기 (비동기) - GetPolicyAsync(policyName)

/// <summary>

/// 정책 구하기 (비동기)

/// </summary>

/// <param name="policyName">정책명</param>

/// <returns>권한 정책 태스크</returns>

public override Task<AuthorizationPolicy> GetPolicyAsync(string policyName)

{

foreach(string customPolicyName in CustomPolicyNameList.Get())

{

if(policyName.StartsWith(customPolicyName))

{

AuthorizationPolicy policy = CustomAuthorizationPilicyFactory.Create(policyName);

return Task.FromResult(policy);

}

return base.GetPolicyAsync(policyName);

}

#endregion

}

▶ Providers/SecurityLevelAuthorizeAttribute.cs


using Microsoft.AspNetCore.Authorization;

namespace TestProject.Providers
{
    /// <summary>
    /// 보안 레벨 권한 어트리뷰트
    /// </summary>
    public class SecurityLevelAuthorizeAttribute : AuthorizeAttribute
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Constructor
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 생성자 - SecurityLevelAttribute(level)

        /// <summary>
        /// 생성자
        /// </summary>
        /// <param name="level">레벨</param>
        public SecurityLevelAuthorizeAttribute(int level)
        {
            Policy = $"{CustomPolicyNameList.SecurityLevel}.{level}";
        }

        #endregion
    }
}

using Microsoft.AspNetCore.Authorization;

namespace TestProject.Providers

{

/// <summary>

/// 보안 레벨 권한 어트리뷰트

/// </summary>

public class SecurityLevelAuthorizeAttribute : AuthorizeAttribute

{

//////////////////////////////////////////////////////////////////////////////////////////////////// Constructor

////////////////////////////////////////////////////////////////////////////////////////// Public

#region 생성자 - SecurityLevelAttribute(level)

/// <summary>

/// 생성자

/// </summary>

/// <param name="level">레벨</param>

public SecurityLevelAuthorizeAttribute(int level)

{

Policy = $"{CustomPolicyNameList.SecurityLevel}.{level}";

}

#endregion

}

▶ Providers/SecurityLevelAuthorizationHandler.cs


using Microsoft.AspNetCore.Authorization;
using System;
using System.Linq;
using System.Threading.Tasks;

namespace TestProject.Providers
{
    /// <summary>
    /// 보안 레벨 권한 핸들러
    /// </summary>
    public class SecurityLevelAuthorizationHandler : AuthorizationHandler<SecurityLevelAuthorizationRequirement>
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Protected

        #region 요청 처리하기 (비동기) - HandleRequirementAsync(context, requirement)

        /// <summary>
        /// 요청 처리하기 (비동기)
        /// </summary>
        /// <param name="context">컨텍스트</param>
        /// <param name="requirement">요청</param>
        /// <returns>태스크</returns>
        protected override Task HandleRequirementAsync
        (
            AuthorizationHandlerContext           context,
            SecurityLevelAuthorizationRequirement requirement
        )
        {
            int securityLevel = Convert.ToInt32
            (
                context.User.Claims.FirstOrDefault(x => x.Type == CustomPolicyNameList.SecurityLevel) ?.Value ?? "0"
            );

            if(requirement.SecurityLevel <= securityLevel)
            {
                context.Succeed(requirement);
            }
            else
            {
                context.Fail();
            }

            return Task.CompletedTask;
        }

        #endregion
    }
}

using Microsoft.AspNetCore.Authorization;

using System;

using System.Linq;

using System.Threading.Tasks;

namespace TestProject.Providers

{

/// <summary>

/// 보안 레벨 권한 핸들러

/// </summary>

public class SecurityLevelAuthorizationHandler : AuthorizationHandler<SecurityLevelAuthorizationRequirement>

{

//////////////////////////////////////////////////////////////////////////////////////////////////// Method

////////////////////////////////////////////////////////////////////////////////////////// Protected

#region 요청 처리하기 (비동기) - HandleRequirementAsync(context, requirement)

/// <summary>

/// 요청 처리하기 (비동기)

/// </summary>

/// <param name="context">컨텍스트</param>

/// <param name="requirement">요청</param>

/// <returns>태스크</returns>

protected override Task HandleRequirementAsync

(

AuthorizationHandlerContext context,

SecurityLevelAuthorizationRequirement requirement

)

{

int securityLevel = Convert.ToInt32

(

context.User.Claims.FirstOrDefault(x => x.Type == CustomPolicyNameList.SecurityLevel) ?.Value ?? "0"

);

if(requirement.SecurityLevel <= securityLevel)

{

context.Succeed(requirement);

}

else

{

context.Fail();

}

return Task.CompletedTask;

}

#endregion

}

▶ Startup.cs


using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;

using TestProject.Providers;

namespace TestProject
{
    /// <summary>
    /// 시작
    /// </summary>
    public class Startup
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 서비스 컬렉션 구성하기 - ConfigureServices(services)

        /// <summary>
        /// 서비스 컬렉션 구성하기
        /// </summary>
        /// <param name="services">서비스 컬렉션</param>
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication("CookieAuthentication")
                .AddCookie
                (
                    "CookieAuthentication",
                    options =>
                    {
                        options.Cookie.Name      = "TestProject.Cookie";
                        options.LoginPath        = "/Home/Login";
                        options.AccessDeniedPath = "/Home/NoAuthorized";
                    }
                );

            services.AddSingleton<IAuthorizationPolicyProvider, CustomAuthorizationPolicyProvider>();

            services.AddScoped<IAuthorizationHandler, SecurityLevelAuthorizationHandler>();

            services.AddControllersWithViews();
        }

        #endregion
        #region 구성하기 - Configure(app, environment)

        /// <summary>
        /// 구성하기
        /// </summary>
        /// <param name="app">애플리케이션 빌더</param>
        /// <param name="environment">웹 호스트 환경</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment environment)
        {
            if(environment.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseRouting();

            app.UseAuthentication();

            app.UseAuthorization();

            app.UseEndpoints
            (
                endpoints =>
                {
                    endpoints.MapDefaultControllerRoute();
                }
            );
        }

        #endregion
    }
}

using Microsoft.AspNetCore.Authentication;

using Microsoft.AspNetCore.Authorization;

using Microsoft.AspNetCore.Builder;

using Microsoft.AspNetCore.Hosting;

using Microsoft.Extensions.DependencyInjection;

using Microsoft.Extensions.Hosting;

using TestProject.Providers;

namespace TestProject

{

/// <summary>

/// 시작

/// </summary>

public class Startup

{

//////////////////////////////////////////////////////////////////////////////////////////////////// Method

////////////////////////////////////////////////////////////////////////////////////////// Public

#region 서비스 컬렉션 구성하기 - ConfigureServices(services)

/// <summary>

/// 서비스 컬렉션 구성하기

/// </summary>

/// <param name="services">서비스 컬렉션</param>

public void ConfigureServices(IServiceCollection services)

{

services.AddAuthentication("CookieAuthentication")

.AddCookie

(

"CookieAuthentication",

options =>

{

options.Cookie.Name = "TestProject.Cookie";

options.LoginPath = "/Home/Login";

options.AccessDeniedPath = "/Home/NoAuthorized";

}

);

services.AddSingleton<IAuthorizationPolicyProvider, CustomAuthorizationPolicyProvider>();

services.AddScoped<IAuthorizationHandler, SecurityLevelAuthorizationHandler>();

services.AddControllersWithViews();

}

#endregion

#region 구성하기 - Configure(app, environment)

/// <summary>

/// 구성하기

/// </summary>

/// <param name="app">애플리케이션 빌더</param>

/// <param name="environment">웹 호스트 환경</param>

public void Configure(IApplicationBuilder app, IWebHostEnvironment environment)

{

if(environment.IsDevelopment())

{

app.UseDeveloperExceptionPage();

}

app.UseRouting();

app.UseAuthentication();

app.UseAuthorization();

app.UseEndpoints

(

endpoints =>

{

endpoints.MapDefaultControllerRoute();

}

);

}

#endregion

}

▶ Controllers/HomeController.cs


using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;

using TestProject.Providers;

namespace TestProject.Controllers
{
    /// <summary>
    /// 홈 컨트롤러
    /// </summary>
    public class HomeController : Controller
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 인덱스 페이지 처리하기 - Index()

        /// <summary>
        /// 인덱스 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과</returns>
        public IActionResult Index()
        {
            return View();
        }

        #endregion
        #region 비밀 페이지 처리하기 - Secret()

        /// <summary>
        /// 비밀 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과</returns>
        [Authorize]
        public IActionResult Secret()
        {
            return View();
        }

        #endregion
        #region 상위 비밀 페이지 처리하기 - HighSecret()

        /// <summary>
        /// 상위 비밀 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과</returns>
        [SecurityLevelAuthorize(5)]
        public IActionResult HighSecret()
        {
            return View();
        }

        #endregion
        #region 최상위 비밀 페이지 처리하기 - TopSecret()

        /// <summary>
        /// 최상위 비밀 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과</returns>
        [SecurityLevelAuthorize(10)]
        public IActionResult TopSecret()
        {
            return View();
        }

        #endregion
        #region 로그인 페이지 처리하기 - Login(returnURL)

        /// <summary>
        /// 로그인 페이지 처리하기
        /// </summary>
        /// <param name="returnURL">반환 URL</param>
        /// <returns>액션 결과</returns>
        [HttpGet]
        public IActionResult Login(string returnURL = null)
        {
            ViewData["ReturnURL"] = returnURL;

            return View();
        }

        #endregion
        #region 로그인 페이지 처리하기 - Login(userName, password, returnURL)

        /// <summary>
        /// 로그인 페이지 처리하기
        /// </summary>
        /// <param name="userName">사용자명</param>
        /// <param name="password">패스워드</param>
        /// <param name="returnURL">반환 URL</param>
        /// <returns>액션 결과</returns>
        [HttpPost]
        public async Task<IActionResult> Login(string userName, string password, string returnURL)
        {
            if(userName == "홍길동" && password == "1234")
            {
                List<Claim> personClaimList = new List<Claim>()
                {
                    new Claim(ClaimTypes.Name                   , "홍길동"        ),
                    new Claim(ClaimTypes.Gender                 , "남성"          ),
                    new Claim(ClaimTypes.DateOfBirth            , "2000-01-01"    ),
                    new Claim(ClaimTypes.HomePhone              , "02-700-1000"   ),
                    new Claim(ClaimTypes.MobilePhone            , "010-3000-4000" ),
                    new Claim(ClaimTypes.Email                  , "hkd@daum.net"  ),
                    new Claim(ClaimTypes.Country                , "한국"          ),
                    new Claim(ClaimTypes.PostalCode             , "300-400"       ),
                    new Claim(ClaimTypes.Role                   , "User"          ),
                    new Claim(CustomPolicyNameList.SecurityLevel, "7"             )
                };

                List<Claim> licenseClaimList = new List<Claim>()
                {
                    new Claim(ClaimTypes.Name , "홍길동"),
                    new Claim("License"       , "1급"   )
                };

                ClaimsIdentity personClaimsIdentity  = new ClaimsIdentity(personClaimList , "개인");
                ClaimsIdentity licenseClaimsIdentity = new ClaimsIdentity(licenseClaimList, "정부");

                ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal
                (
                    new []
                    {
                        personClaimsIdentity,
                        licenseClaimsIdentity
                    }
                );

                await HttpContext.SignInAsync("CookieAuthentication", claimsPrincipal);

                if(returnURL == null)
                {
                    return RedirectToAction("Index");
                }
                else
                {
                    return Redirect(returnURL);
                }
            }
            else
            {
                ViewData["Message"] = "등록되지 않은 사용자 입니다.";

                return View();
            }
        }

        #endregion
        #region 로그아웃 페이지 처리하기 - Logout()

        /// <summary>
        /// 로그아웃 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과 태스크</returns>
        public async Task<IActionResult> Logout()
        {
            await HttpContext.SignOutAsync("CookieAuthentication");

            return RedirectToAction("Index");
        }

        #endregion
        #region 권한 없음 페이지 처리하기 - NoAuthorized()

        /// <summary>
        /// 권한 없음 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과</returns>
        public IActionResult NoAuthorized()
        {
            return View();
        }

        #endregion
    }
}

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

using Microsoft.AspNetCore.Authentication;

using Microsoft.AspNetCore.Authorization;

using Microsoft.AspNetCore.Mvc;

using System.Collections.Generic;

using System.Security.Claims;

using System.Threading.Tasks;

using TestProject.Providers;

namespace TestProject.Controllers

{

/// <summary>

/// 홈 컨트롤러

/// </summary>

public class HomeController : Controller

{

//////////////////////////////////////////////////////////////////////////////////////////////////// Method

////////////////////////////////////////////////////////////////////////////////////////// Public

#region 인덱스 페이지 처리하기 - Index()

/// <summary>

/// 인덱스 페이지 처리하기

/// </summary>

/// <returns>액션 결과</returns>

public IActionResult Index()

{

return View();

}

#endregion

#region 비밀 페이지 처리하기 - Secret()

/// <summary>

/// 비밀 페이지 처리하기

/// </summary>

/// <returns>액션 결과</returns>

[Authorize]

public IActionResult Secret()

{

return View();

}

#endregion

#region 상위 비밀 페이지 처리하기 - HighSecret()

/// <summary>

/// 상위 비밀 페이지 처리하기

/// </summary>

/// <returns>액션 결과</returns>

[SecurityLevelAuthorize(5)]

public IActionResult HighSecret()

{

return View();

}

#endregion

#region 최상위 비밀 페이지 처리하기 - TopSecret()

/// <summary>

/// 최상위 비밀 페이지 처리하기

/// </summary>

/// <returns>액션 결과</returns>

[SecurityLevelAuthorize(10)]

public IActionResult TopSecret()

{

return View();

}

#endregion

#region 로그인 페이지 처리하기 - Login(returnURL)

/// <summary>

/// 로그인 페이지 처리하기

/// </summary>

/// <param name="returnURL">반환 URL</param>

/// <returns>액션 결과</returns>

[HttpGet]

public IActionResult Login(string returnURL = null)

{

ViewData["ReturnURL"] = returnURL;

return View();

}

#endregion

#region 로그인 페이지 처리하기 - Login(userName, password, returnURL)

/// <summary>

/// 로그인 페이지 처리하기

/// </summary>

/// <param name="userName">사용자명</param>

/// <param name="password">패스워드</param>

/// <param name="returnURL">반환 URL</param>

/// <returns>액션 결과</returns>

[HttpPost]

public async Task<IActionResult> Login(string userName, string password, string returnURL)

{

if(userName == "홍길동" && password == "1234")

{

List<Claim> personClaimList = new List<Claim>()

{

new Claim(ClaimTypes.Name , "홍길동" ),

new Claim(ClaimTypes.Gender , "남성" ),

new Claim(ClaimTypes.DateOfBirth , "2000-01-01" ),

new Claim(ClaimTypes.HomePhone , "02-700-1000" ),

new Claim(ClaimTypes.MobilePhone , "010-3000-4000" ),

new Claim(ClaimTypes.Email , "hkd@daum.net" ),

new Claim(ClaimTypes.Country , "한국" ),

new Claim(ClaimTypes.PostalCode , "300-400" ),

new Claim(ClaimTypes.Role , "User" ),

new Claim(CustomPolicyNameList.SecurityLevel, "7" )

};

List<Claim> licenseClaimList = new List<Claim>()

{

new Claim(ClaimTypes.Name , "홍길동"),

new Claim("License" , "1급" )

};

ClaimsIdentity personClaimsIdentity = new ClaimsIdentity(personClaimList , "개인");

ClaimsIdentity licenseClaimsIdentity = new ClaimsIdentity(licenseClaimList, "정부");

ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal

(

new []

{

personClaimsIdentity,

licenseClaimsIdentity

}

);

await HttpContext.SignInAsync("CookieAuthentication", claimsPrincipal);

if(returnURL == null)

{

return RedirectToAction("Index");

}

else

{

return Redirect(returnURL);

}

else

{

ViewData["Message"] = "등록되지 않은 사용자 입니다.";

return View();

}

#endregion

#region 로그아웃 페이지 처리하기 - Logout()

/// <summary>

/// 로그아웃 페이지 처리하기

/// </summary>

/// <returns>액션 결과 태스크</returns>

public async Task<IActionResult> Logout()

{

await HttpContext.SignOutAsync("CookieAuthentication");

return RedirectToAction("Index");

}

#endregion

#region 권한 없음 페이지 처리하기 - NoAuthorized()

/// <summary>

/// 권한 없음 페이지 처리하기

/// </summary>

/// <returns>액션 결과</returns>

public IActionResult NoAuthorized()

{

return View();

}

#endregion

}

TestProject.zip

icodebroker

[C#/ASP.NET MVC/.NETCORE] DefaultAuthorizationPolicyProvider 클래스 : 커스텀 권한 정책 공급자 사용하기

분류

가장 많이 읽힌 글

보관함