Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HasPermission Attribute #119

Open
jimiscott opened this issue Oct 3, 2024 · 1 comment
Open

HasPermission Attribute #119

jimiscott opened this issue Oct 3, 2024 · 1 comment

Comments

@jimiscott
Copy link

We have a .net 7 WebAPI project, and the HasPermission is reporting the following error.

System.InvalidOperationException: The AuthorizationPolicy named: 'InvoiceRead' was not found.
   at Microsoft.AspNetCore.Authorization.AuthorizationPolicy.CombineAsync(IAuthorizationPolicyProvider policyProvider, IEnumerable`1 authorizeData, IEnumerable`1 policies)
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)
Yarp.ReverseProxy.Forwarder.HttpForwarder: Information: Received HTTP/2.0 response 500.

The User.HasPermission (extension method) on the same controller works as expected.

We think this may be related to DI. We have have tried stepping through the code and the AuthPermission tests have not turned up anything. What specifically wires up the HasPermission attribute (OR am I looking at the wrong thing completely)?
@JonPSmith
Copy link
Owner

Hi @jimiscott,

Your problem is that the permissions doesn't have the Permission called InvoiceRead. There could be a number ways that that a specific Permission might not work. Here are the most likely the problem.

  • If all of the Permissions don't work, then you might have not added the Permissions into the the JWT token. In the AuthP library I use a TokenBuilder to add the claims to the JWT token. See Example2 in the AuthP code. NOTE: You can build your own version of the TokenBuilder, but you make sure the claims are set up properly.
  • If you are missing a single Permission, in your case InvoiceRead, then is there a Permission is missing in the enum registered in the <YourPermissionsEnum> registered via the AuthP's builder.Services.RegisterAuthPermissions<YourPermissionsEnum>.

If either of the two suggestions don't work, then have a look at the Example2 example in the AuthP code to see what it does. It very simple and might point out something you missed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JonPSmith @jimiscott