첨부 실행 코드는 나눔고딕코딩 폰트를 사용합니다.
본 블로그는 광고를 포함하고 있습니다.
광고 클릭에서 발생하는 수익금은 모두 블로그 콘텐츠 향상을 위해 쓰여집니다.

728x90
반응형
728x170

TestProject.zip
다운로드

▶ AuthorizationRequirement/CustomAuthorizationRequirement.cs

using Microsoft.AspNetCore.Authorization;

namespace TestProject.AuthorizationRequirements
{
    /// <summary>
    /// 커스텀 권한 요청
    /// </summary>
    public class CustomAuthorizationRequirement : IAuthorizationRequirement
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Property
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 클레임 타입 - ClaimType

        /// <summary>
        /// 클레임 타입
        /// </summary>
        public string ClaimType { private set; get; }

        #endregion

        //////////////////////////////////////////////////////////////////////////////////////////////////// Constructor
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 생성자 - CustomAuthorizationRequirement(claimType)

        /// <summary>
        /// 생성자
        /// </summary>
        /// <param name="claimType">클레임 타입</param>
        public CustomAuthorizationRequirement(string claimType)
        {
            ClaimType = claimType;
        }

        #endregion
    }
}

 

728x90

 

▶ AuthorizationRequirement/CustomAuthorizationHandler.cs

using Microsoft.AspNetCore.Authorization;
using System.Linq;
using System.Threading.Tasks;

namespace TestProject.AuthorizationRequirements
{
    /// <summary>
    /// 커스텀 권한 핸들러
    /// </summary>
    public class CustomAuthorizationHandler : AuthorizationHandler<CustomAuthorizationRequirement>
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Protected

        #region 요청 사항 처리하기 (비동기) - HandleRequirementAsync(context, requirement)

        /// <summary>
        /// 요청 사항 처리하기 (비동기)
        /// </summary>
        /// <param name="context">컨텍스트</param>
        /// <param name="requirement">요청</param>
        /// <returns>태스크</returns>
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, CustomAuthorizationRequirement requirement)
        {
            bool hasClaim = context.User.Claims.Any(x => x.Type == requirement.ClaimType);

            if(hasClaim)
            {
                context.Succeed(requirement);
            }

            return Task.CompletedTask;
        }

        #endregion
    }
}

 

300x250

 

▶ AuthorizationRequirement/CustomAuthorizatonPolicyBuilderExtension.cs

using Microsoft.AspNetCore.Authorization;

namespace TestProject.AuthorizationRequirements
{
    /// <summary>
    /// 커스텀 권한 정책 빌더 확장
    /// </summary>
    public static class CustomAuthorizatonPolicyBuilderExtension
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Static
        //////////////////////////////////////////////////////////////////////////////// Public

        #region 커스텀 클레임 요청하기 - RequireCustomClaim(builder, claimType)

        /// <summary>
        /// 커스텀 클레임 요청하기
        /// </summary>
        /// <param name="builder">권한 정책 빌더</param>
        /// <param name="claimType">클레임 타입</param>
        /// <returns>권한 정책 빌더</returns>
        public static AuthorizationPolicyBuilder RequireCustomClaim(this AuthorizationPolicyBuilder builder, string claimType)
        {
            builder.AddRequirements(new CustomAuthorizationRequirement(claimType));

            return builder;
        }

        #endregion
    }
}

 

▶ Startup.cs

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using System.Security.Claims;

using TestProject.AuthorizationRequirements;

namespace TestProject
{
    /// <summary>
    /// 시작
    /// </summary>
    public class Startup
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 서비스 컬렉션 구성하기 - ConfigureServices(services)

        /// <summary>
        /// 서비스 컬렉션 구성하기
        /// </summary>
        /// <param name="services">서비스 컬렉션</param>
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication("CookieAuthentication")
                .AddCookie
                (
                    "CookieAuthentication",
                    options =>
                    {
                        options.Cookie.Name = "TestProject.Cookie";
                        options.LoginPath   = "/Home/Login";
                    }
                );

            services.AddAuthorization
            (
                options =>
                {
                    options.AddPolicy
                    (
                        "Claim.DateOfBirth",
                        builder =>
                        {
                            builder.RequireCustomClaim(ClaimTypes.DateOfBirth);
                        }
                    );
                }
            );

            services.AddScoped<IAuthorizationHandler, CustomAuthorizationHandler>();

            services.AddControllersWithViews();
        }

        #endregion
        #region 구성하기 - Configure(app, environment)

        /// <summary>
        /// 구성하기
        /// </summary>
        /// <param name="app">애플리케이션 빌더</param>
        /// <param name="environment">웹 호스트 환경</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment environment)
        {
            if(environment.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseRouting();

            app.UseAuthentication();

            app.UseAuthorization();

            app.UseEndpoints
            (
                endpoints =>
                {
                    endpoints.MapDefaultControllerRoute();
                }
            );
        }

        #endregion
    }
}

 

▶ Controllers/HomeController.cs

using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;

namespace TestProject.Controllers
{
    /// <summary>
    /// 홈 컨트롤러
    /// </summary>
    public class HomeController : Controller
    {
        //////////////////////////////////////////////////////////////////////////////////////////////////// Method
        ////////////////////////////////////////////////////////////////////////////////////////// Public

        #region 인덱스 페이지 처리하기 - Index()

        /// <summary>
        /// 인덱스 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과</returns>
        public IActionResult Index()
        {
            return View();
        }

        #endregion
        #region 사용자 페이지 처리하기 - UserPage() 

        /// <summary>
        /// 사용자 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과</returns>
        [Authorize(Roles = "User")]
        public IActionResult UserPage()
        {
            return View();
        }

        #endregion
        #region 비밀 페이지 처리하기 - Secret() 

        /// <summary>
        /// 비밀 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과</returns>
        [Authorize(Policy = "Claim.DateOfBirth")]
        public IActionResult Secret()
        {
            return View();
        }

        #endregion
        #region 로그인 페이지 처리하기 - Login(returnURL)

        /// <summary>
        /// 로그인 페이지 처리하기
        /// </summary>
        /// <param name="returnURL">반환 URL</param>
        /// <returns>액션 결과</returns>
        [HttpGet]
        public IActionResult Login(string returnURL = null)
        {
            ViewData["ReturnURL"] = returnURL;

            return View();
        }

        #endregion
        #region 로그인 페이지 처리하기 - Login(userName, password, returnURL)

        /// <summary>
        /// 로그인 페이지 처리하기
        /// </summary>
        /// <param name="userName">사용자명</param>
        /// <param name="password">패스워드</param>
        /// <param name="returnURL">반환 URL</param>
        /// <returns>액션 결과</returns>
        [HttpPost]
        public async Task<IActionResult> Login(string userName, string password, string returnURL)
        {
            if(userName == "홍길동" && password == "1234")
            {
                List<Claim> personClaimList = new List<Claim>()
                {
                    new Claim(ClaimTypes.Name       , "홍길동"        ),
                    new Claim(ClaimTypes.Gender     , "남성"          ),
                    new Claim(ClaimTypes.DateOfBirth, "2000-01-01"    ),
                    new Claim(ClaimTypes.HomePhone  , "02-700-1000"   ),
                    new Claim(ClaimTypes.MobilePhone, "010-3000-4000" ),
                    new Claim(ClaimTypes.Email      , "hkd@daum.net"  ),
                    new Claim(ClaimTypes.Country    , "한국"          ),
                    new Claim(ClaimTypes.PostalCode , "300-400"       ),
                    new Claim(ClaimTypes.Role       , "User"          )
                };

                List<Claim> licenseClaimList = new List<Claim>()
                {
                    new Claim(ClaimTypes.Name , "홍길동"),
                    new Claim("License"       , "1급"   )
                };

                ClaimsIdentity personClaimsIdentity  = new ClaimsIdentity(personClaimList , "개인");
                ClaimsIdentity licenseClaimsIdentity = new ClaimsIdentity(licenseClaimList, "정부");

                ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal
                (
                    new []
                    {
                        personClaimsIdentity,
                        licenseClaimsIdentity
                    }
                );

                await HttpContext.SignInAsync("CookieAuthentication", claimsPrincipal);

                if(returnURL == null)
                {
                    return RedirectToAction("Index");
                }
                else
                {
                    return Redirect(returnURL);
                }
            }
            else if(userName == "김철수" && password == "1234")
            {
                List<Claim> personClaimList = new List<Claim>()
                {
                    new Claim(ClaimTypes.Name       , "김철수"        ),
                    new Claim(ClaimTypes.Gender     , "남성"          ),
                  //new Claim(ClaimTypes.DateOfBirth, "2000-05-01"    ),
                    new Claim(ClaimTypes.HomePhone  , "02-500-3000"   ),
                    new Claim(ClaimTypes.MobilePhone, "010-5000-3000" ),
                    new Claim(ClaimTypes.Email      , "hkd@daum.net"  ),
                    new Claim(ClaimTypes.Country    , "kcs"           ),
                    new Claim(ClaimTypes.PostalCode , "200-100"       ),
                    new Claim(ClaimTypes.Role       , "User"          )
                };

                List<Claim> licenseClaimList = new List<Claim>()
                {
                    new Claim(ClaimTypes.Name , "김철수"),
                    new Claim("License"       , "2급"   )
                };

                ClaimsIdentity personClaimsIdentity  = new ClaimsIdentity(personClaimList , "개인");
                ClaimsIdentity licenseClaimsIdentity = new ClaimsIdentity(licenseClaimList, "정부");

                ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal
                (
                    new []
                    {
                        personClaimsIdentity,
                        licenseClaimsIdentity
                    }
                );

                await HttpContext.SignInAsync("CookieAuthentication", claimsPrincipal);

                if(returnURL == null)
                {
                    return RedirectToAction("Index");
                }
                else
                {
                    return Redirect(returnURL);
                }
            }
            else
            {
                ViewData["Message"] = "등록되지 않은 사용자 입니다.";

                return View();
            }
        }

        #endregion
        #region 로그아웃 페이지 처리하기 - Logout()

        /// <summary>
        /// 로그아웃 페이지 처리하기
        /// </summary>
        /// <returns>액션 결과 태스크</returns>
        public async Task<IActionResult> Logout()
        {
            await HttpContext.SignOutAsync("CookieAuthentication");

            return RedirectToAction("Index");
        }

        #endregion
    }
}
728x90
반응형
그리드형(광고전용)
Posted by icodebroker

댓글을 달아 주세요