daohualiuxiang
/
AspNetCore.Docs
mirror of https://github.com/dotnet/AspNetCore.Docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4716 from aspnet/master 

Update live with current master
pull/4758/head^2
Rick Anderson 2017-11-02 07:15:11 -10:00 committed by GitHub
parent 89c5705e60 c4057a9f12
commit da86c55479
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
aspnetcore/security/authentication/social/facebook-logins.md
View File

@ -58,6 +58,13 @@ This tutorial shows you how to enable your users to sign in with their Facebook
Link sensitive settings like Facebook `App ID` and `App Secret` to your application configuration using the [Secret Manager](xref:security/app-secrets). For the purposes of this tutorial, name the tokens `Authentication:Facebook:AppId` and `Authentication:Facebook:AppSecret`.
Execute the following commands to securely store `App ID` and `App Secret` using Secret Manager:
```console
dotnet user-secrets set Authentication:Facebook:AppId <app-id>
dotnet user-secrets set Authentication:Facebook:AppSecret <app-secret>
```
## Configure Facebook Authentication
The project template used in this tutorial ensures that [Microsoft.AspNetCore.Authentication.Facebook](https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.Facebook) package is already installed.

17
aspnetcore/security/authorization/resourcebased.md
View File

@ -36,6 +36,19 @@ public class DocumentController : Controller
`IAuthorizationService` has two methods, one where you pass the resource and the policy name and the other where you pass the resource and a list of requirements to evaluate.
# [ASP.NET Core 2.x](#tab/aspnetcore2x)
```csharp
Task<AuthorizationResult> AuthorizeAsync(ClaimsPrincipal user,
object resource,
IEnumerable<IAuthorizationRequirement> requirements);
Task<AuthorizationResult> AuthorizeAsync(ClaimsPrincipal user,
object resource,
string policyName);
```
# [ASP.NET Core 1.x](#tab/aspnetcore1x)
```csharp
Task<bool> AuthorizeAsync(ClaimsPrincipal user,
object resource,
@ -45,6 +58,8 @@ Task<bool> AuthorizeAsync(ClaimsPrincipal user,
string policyName);
```
---
<a name="security-authorization-resource-based-imperative"></a>
To call the service, load your resource within your action then call the `AuthorizeAsync` overload you require. For example:
@ -59,7 +74,7 @@ public async Task<IActionResult> Edit(Guid documentId)
return new HttpNotFoundResult();
}
if (await _authorizationService.AuthorizeAsync(User, document, "EditPolicy"))
if ((await _authorizationService.AuthorizeAsync(User, document, "EditPolicy")).Succeeded)
{
return View(document);
}