From 5ee8112c6461dd529469f34ba0833cdb9c70121e Mon Sep 17 00:00:00 2001
From: Kirk Larkin <6025110+serpent5@users.noreply.github.com>
Date: Fri, 25 Mar 2022 10:36:32 +0000
Subject: [PATCH] Update Authz Handlers DI to 6.0 (#25417)
---
.../authorization/dependencyinjection.md | 93 ++++++++++++++-----
1 file changed, 69 insertions(+), 24 deletions(-)
diff --git a/aspnetcore/security/authorization/dependencyinjection.md b/aspnetcore/security/authorization/dependencyinjection.md
index 6ae9814ca9..52f9720158 100644
--- a/aspnetcore/security/authorization/dependencyinjection.md
+++ b/aspnetcore/security/authorization/dependencyinjection.md
@@ -2,47 +2,92 @@
title: Dependency injection in requirement handlers in ASP.NET Core
author: rick-anderson
description: Learn how to inject authorization requirement handlers into an ASP.NET Core app using dependency injection.
+monikerRange: ">= aspnetcore-2.1"
ms.author: riande
-ms.date: 10/14/2016
+ms.date: 03/25/2022
no-loc: ["Blazor Hybrid", Home, Privacy, Kestrel, appsettings.json, "ASP.NET Core Identity", cookie, Cookie, Blazor, "Blazor Server", "Blazor WebAssembly", "Identity", "Let's Encrypt", Razor, SignalR]
uid: security/authorization/dependencyinjection
---
# Dependency injection in requirement handlers in ASP.NET Core
-
+:::moniker range=">= aspnetcore-6.0"
[Authorization handlers must be registered](xref:security/authorization/policies#security-authorization-policies-based-handler-registration) in the service collection during configuration using [dependency injection](xref:fundamentals/dependency-injection).
Suppose you had a repository of rules you wanted to evaluate inside an authorization handler and that repository was registered in the service collection. Authorization resolves and injects that into the constructor.
-For example, to use ASP.NET's logging infrastructure, inject `ILoggerFactory` into the handler. Such a handler might look like the following code:
+For example, to use the .NET logging infrastructure, inject into the handler, as shown in the following example:
```csharp
-public class LoggingAuthorizationHandler : AuthorizationHandler
- {
- ILogger _logger;
+public class SampleAuthorizationHandler : AuthorizationHandler
+{
+ private readonly ILogger _logger;
- public LoggingAuthorizationHandler(ILoggerFactory loggerFactory)
- {
- _logger = loggerFactory.CreateLogger(this.GetType().FullName);
- }
+ public SampleAuthorizationHandler(ILoggerFactory loggerFactory)
+ => _logger = loggerFactory.CreateLogger(GetType().FullName);
- protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, MyRequirement requirement)
- {
- _logger.LogInformation("Inside my handler");
- // Check if the requirement is fulfilled.
- return Task.CompletedTask;
- }
- }
- ```
+ protected override Task HandleRequirementAsync(
+ AuthorizationHandlerContext context, SampleRequirement requirement)
+ {
+ _logger.LogInformation("Inside my handler");
+
+ // ...
-The preceding handler can be registered with any [service lifetime](/dotnet/core/extensions/dependency-injection#service-lifetimes). The following code uses `AddSingleton` to register the preceding handler:
-
-```csharp
-services.AddSingleton();
+ return Task.CompletedTask;
+ }
+}
```
-An instance of the handler is created when the app starts, and DI injects the registered `ILoggerFactory` into the constructor.
+The preceding handler can be registered with any [service lifetime](/dotnet/core/extensions/dependency-injection#service-lifetimes). The following code uses to register the preceding handler:
+
+```csharp
+builder.Services.AddSingleton();
+```
+
+An instance of the handler is created when the app starts, and DI injects the registered `ILoggerFactory` into its constructor.
> [!NOTE]
-> Handlers that use Entity Framework shouldn't be registered as singletons.
+> Don't register authorization handlers that use Entity Framework (EF) as singletons.
+
+:::moniker-end
+
+:::moniker range="< aspnetcore-6.0"
+
+[Authorization handlers must be registered](xref:security/authorization/policies#security-authorization-policies-based-handler-registration) in the service collection during configuration using [dependency injection](xref:fundamentals/dependency-injection).
+
+Suppose you had a repository of rules you wanted to evaluate inside an authorization handler and that repository was registered in the service collection. Authorization resolves and injects that into the constructor.
+
+For example, to use the .NET logging infrastructure, inject into the handler, as shown in the following example:
+
+```csharp
+public class SampleAuthorizationHandler : AuthorizationHandler
+{
+ private readonly ILogger _logger;
+
+ public SampleAuthorizationHandler(ILoggerFactory loggerFactory)
+ => _logger = loggerFactory.CreateLogger(GetType().FullName);
+
+ protected override Task HandleRequirementAsync(
+ AuthorizationHandlerContext context, SampleRequirement requirement)
+ {
+ _logger.LogInformation("Inside my handler");
+
+ // ...
+
+ return Task.CompletedTask;
+ }
+}
+```
+
+The preceding handler can be registered with any [service lifetime](/dotnet/core/extensions/dependency-injection#service-lifetimes). The following code uses to register the preceding handler:
+
+```csharp
+services.AddSingleton();
+```
+
+An instance of the handler is created when the app starts, and DI injects the registered `ILoggerFactory` into its constructor.
+
+> [!NOTE]
+> Don't register authorization handlers that use Entity Framework (EF) as singletons.
+
+:::moniker-end