Flow endpoint and httpcontext always from authz middleware (#22672)

HaoK · web-flow · commit 8541bf6c9805 · 2020-06-19T18:14:47.000-07:00
diff --git a/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs b/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs
@@ -61,8 +61,7 @@ public async Task Invoke(HttpContext context)
                 return;
             }
 
-            // Note that the resource will be null if there is no matched endpoint
-            var authorizeResult = await policyEvaluator.AuthorizeAsync(policy, authenticateResult, context, resource: endpoint);
+            var authorizeResult = await policyEvaluator.AuthorizeAsync(policy, authenticateResult, context, resource: context);
 
             var authorizationMiddlewareResultHandler = context.RequestServices.GetRequiredService<IAuthorizationMiddlewareResultHandler>();
             await authorizationMiddlewareResultHandler.HandleAsync(_next, context, policy, authorizeResult);
diff --git a/src/Security/Authorization/test/AuthorizationMiddlewareTests.cs b/src/Security/Authorization/test/AuthorizationMiddlewareTests.cs
@@ -314,13 +314,13 @@ public async Task Invoke_SingleValidClaimShouldSucceed()
         }
 
         [Fact]
-        public async Task AuthZResourceShouldBeEndpoint()
+        public async Task AuthZResourceShouldBeHttpContextAndHaveHEndpoint()
         {
             // Arrange
-            object resource = null;
+            HttpContext resource = null;
             var policy = new AuthorizationPolicyBuilder().RequireAssertion(c =>
             {
-                resource = c.Resource;
+                resource = c.Resource as HttpContext;
                 return true;
             }).Build();
             var policyProvider = new Mock<IAuthorizationPolicyProvider>();
@@ -335,7 +335,9 @@ public async Task AuthZResourceShouldBeEndpoint()
             await middleware.Invoke(context);
 
             // Assert
-            Assert.Equal(endpoint, resource);
+            Assert.NotNull(resource);
+            Assert.Equal(context, resource);
+            Assert.Equal(endpoint, resource.GetEndpoint());
         }
 
         [Fact]

Original file line number	Diff line number	Diff line change
`@@ -61,8 +61,7 @@ public async Task Invoke(HttpContext context)`
`61`	`61`	`return;`
`62`	`62`	`}`
`63`	`63`
`64`		`- // Note that the resource will be null if there is no matched endpoint`
`65`		`- var authorizeResult = await policyEvaluator.AuthorizeAsync(policy, authenticateResult, context, resource: endpoint);`
	`64`	`+ var authorizeResult = await policyEvaluator.AuthorizeAsync(policy, authenticateResult, context, resource: context);`
`66`	`65`
`67`	`66`	`var authorizationMiddlewareResultHandler = context.RequestServices.GetRequiredService<IAuthorizationMiddlewareResultHandler>();`
`68`	`67`	`await authorizationMiddlewareResultHandler.HandleAsync(_next, context, policy, authorizeResult);`
Original file line number	Diff line number	Diff line change
`@@ -314,13 +314,13 @@ public async Task Invoke_SingleValidClaimShouldSucceed()`
`314`	`314`	`}`
`315`	`315`
`316`	`316`	`[Fact]`
`317`		`- public async Task AuthZResourceShouldBeEndpoint()`
	`317`	`+ public async Task AuthZResourceShouldBeHttpContextAndHaveHEndpoint()`
`318`	`318`	`{`
`319`	`319`	`// Arrange`
`320`		`- object resource = null;`
	`320`	`+ HttpContext resource = null;`
`321`	`321`	`var policy = new AuthorizationPolicyBuilder().RequireAssertion(c =>`
`322`	`322`	`{`
`323`		`- resource = c.Resource;`
	`323`	`+ resource = c.Resource as HttpContext;`
`324`	`324`	`return true;`
`325`	`325`	`}).Build();`
`326`	`326`	`var policyProvider = new Mock<IAuthorizationPolicyProvider>();`
`@@ -335,7 +335,9 @@ public async Task AuthZResourceShouldBeEndpoint()`
`335`	`335`	`await middleware.Invoke(context);`
`336`	`336`
`337`	`337`	`// Assert`
`338`		`- Assert.Equal(endpoint, resource);`
	`338`	`+ Assert.NotNull(resource);`
	`339`	`+ Assert.Equal(context, resource);`
	`340`	`+ Assert.Equal(endpoint, resource.GetEndpoint());`
`339`	`341`	`}`
`340`	`342`
`341`	`343`	`[Fact]`