Couple of limitations with regards to customizing the AuthorizeAttribute:
- Cannot provide
Roles due to IAPI0002
- Cannot provide
AuthenticationSchemes due to IAPI0002
Regarding the AuthenticationSchemes, I would like to be able to accept Basic authentication in exchange for a JWT. JWT Bearer authentication would be accepted by all other endpoints.
AuthenticationSchemes Example
public sealed partial record GetTokenQuery();
[Handler]
[Tags("Auth")]
[MapGet("/auth/token")]
[Authorize]
public static partial class GetTokenHandler
{
private static readonly string[] AuthenticationSchemes = ["Basic"];
internal static void CustomizeEndpoint(IEndpointConventionBuilder endpoint)
=> endpoint.RequireAuthorization(new AuthorizationPolicy(new List<IAuthorizationRequirement>{ new DenyAnonymousAuthorizationRequirement() }, AuthenticationSchemes));
private static ValueTask<Ok<TokenResponse>> HandleAsync(GetTokenQuery query, ClientAuthorizationService clientAuthorizationService, CancellationToken cancellationToken)
{
var token = clientAuthorizationService.CreateToken("foo");
return ValueTask.FromResult(TypedResults.Ok(token));
}
}
Couple of limitations with regards to customizing the
AuthorizeAttribute:Rolesdue to IAPI0002AuthenticationSchemesdue to IAPI0002Regarding the
AuthenticationSchemes, I would like to be able to acceptBasicauthentication in exchange for a JWT. JWTBearerauthentication would be accepted by all other endpoints.AuthenticationSchemes Example