[C#/ASP.NET MVC/.NETCORE] IClaimsTransformation 인터페이스 : TransformAsync 메소드를 사용해 클레임 정책에 클레임 추가하기
C#/ASP.NET MVC 2020. 10. 26. 01:04728x90
반응형
728x170
▶ Controllers/HomeController.cs
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
namespace TestProject.Controllers
{
/// <summary>
/// 홈 컨트롤러
/// </summary>
public class HomeController : Controller
{
//////////////////////////////////////////////////////////////////////////////////////////////////// Method
////////////////////////////////////////////////////////////////////////////////////////// Public
#region 인덱스 페이지 처리하기 - Index()
/// <summary>
/// 인덱스 페이지 처리하기
/// </summary>
/// <returns>액션 결과</returns>
public IActionResult Index()
{
return View();
}
#endregion
#region 비밀 페이지 처리하기 - Secret()
/// <summary>
/// 비밀 페이지 처리하기
/// </summary>
/// <returns>액션 결과</returns>
[Authorize]
public IActionResult Secret()
{
return View();
}
#endregion
#region 로그인 페이지 처리하기 - Login(returnURL)
/// <summary>
/// 로그인 페이지 처리하기
/// </summary>
/// <param name="returnURL">반환 URL</param>
/// <returns>액션 결과</returns>
[HttpGet]
public IActionResult Login(string returnURL = null)
{
ViewData["ReturnURL"] = returnURL;
return View();
}
#endregion
#region 로그인 페이지 처리하기 - Login(userName, password, returnURL)
/// <summary>
/// 로그인 페이지 처리하기
/// </summary>
/// <param name="userName">사용자명</param>
/// <param name="password">패스워드</param>
/// <param name="returnURL">반환 URL</param>
/// <returns>액션 결과</returns>
[HttpPost]
public async Task<IActionResult> Login(string userName, string password, string returnURL)
{
if(userName == "홍길동" && password == "1234")
{
List<Claim> personClaimList = new List<Claim>()
{
new Claim(ClaimTypes.Name , "홍길동" ),
new Claim(ClaimTypes.Gender , "남성" ),
new Claim(ClaimTypes.DateOfBirth, "2000-01-01" ),
new Claim(ClaimTypes.HomePhone , "02-700-1000" ),
new Claim(ClaimTypes.MobilePhone, "010-3000-4000" ),
new Claim(ClaimTypes.Email , "hkd@daum.net" ),
new Claim(ClaimTypes.Country , "한국" ),
new Claim(ClaimTypes.PostalCode , "300-400" ),
new Claim(ClaimTypes.Role , "User" ),
//new Claim("SalesLevel" , "A" )
};
List<Claim> licenseClaimList = new List<Claim>()
{
new Claim(ClaimTypes.Name , "홍길동"),
new Claim("License" , "1급" )
};
ClaimsIdentity personClaimsIdentity = new ClaimsIdentity(personClaimList , "개인");
ClaimsIdentity licenseClaimsIdentity = new ClaimsIdentity(licenseClaimList, "정부");
ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal
(
new []
{
personClaimsIdentity,
licenseClaimsIdentity
}
);
await HttpContext.SignInAsync("CookieAuthentication", claimsPrincipal);
if(returnURL == null)
{
return RedirectToAction("Index");
}
else
{
return Redirect(returnURL);
}
}
else
{
ViewData["Message"] = "등록되지 않은 사용자 입니다.";
return View();
}
}
#endregion
#region 로그아웃 페이지 처리하기 - Logout()
/// <summary>
/// 로그아웃 페이지 처리하기
/// </summary>
/// <returns>액션 결과 태스크</returns>
public async Task<IActionResult> Logout()
{
await HttpContext.SignOutAsync("CookieAuthentication");
return RedirectToAction("Index");
}
#endregion
#region 권한 없음 페이지 처리하기 - NoAuthorized()
/// <summary>
/// 권한 없음 페이지 처리하기
/// </summary>
/// <returns>액션 결과</returns>
public IActionResult NoAuthorized()
{
return View();
}
#endregion
}
}
728x90
▶ Transformation/ClaimsTransformation.cs
using Microsoft.AspNetCore.Authentication;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
namespace TestProject.Transformation
{
/// <summary>
/// 클레임 변환
/// </summary>
public class ClaimsTransformation : IClaimsTransformation
{
//////////////////////////////////////////////////////////////////////////////////////////////////// Method
////////////////////////////////////////////////////////////////////////////////////////// Public
#region 변환하기 (비동기) - TransformAsync(principal)
/// <summary>
/// 변환하기 (비동기)
/// </summary>
/// <param name="principal">클레임 정책</param>
/// <returns>클레임 정책 태스크</returns>
public Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
{
bool hasClaim = principal.Claims.Any(x => x.Type == "SalesLevel");
if(!hasClaim)
{
((ClaimsIdentity)principal.Identity).AddClaim(new Claim("SalesLevel", "A"));
}
return Task.FromResult(principal);
}
#endregion
}
}
300x250
▶ Startup.cs
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using TestProject.Handlers;
using TestProject.Transformation;
namespace TestProject
{
/// <summary>
/// 시작
/// </summary>
public class Startup
{
//////////////////////////////////////////////////////////////////////////////////////////////////// Method
////////////////////////////////////////////////////////////////////////////////////////// Public
#region 서비스 컬렉션 구성하기 - ConfigureServices(services)
/// <summary>
/// 서비스 컬렉션 구성하기
/// </summary>
/// <param name="services">서비스 컬렉션</param>
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication("CookieAuthentication")
.AddCookie
(
"CookieAuthentication",
options =>
{
options.Cookie.Name = "TestProject.Cookie";
options.LoginPath = "/Home/Login";
options.AccessDeniedPath = "/Home/NoAuthorized";
}
);
services.AddScoped<IAuthorizationHandler, DocumentAuthorizationHandler>();
services.AddScoped<IClaimsTransformation, ClaimsTransformation>();
services.AddControllersWithViews();
}
#endregion
#region 구성하기 - Configure(app, environment)
/// <summary>
/// 구성하기
/// </summary>
/// <param name="app">애플리케이션 빌더</param>
/// <param name="environment">웹 호스트 환경</param>
public void Configure(IApplicationBuilder app, IWebHostEnvironment environment)
{
if(environment.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints
(
endpoints =>
{
endpoints.MapDefaultControllerRoute();
}
);
}
#endregion
}
}728x90
반응형
그리드형(광고전용)
댓글을 달아 주세요