From 5eff35a52ca1dcf6181a900105b57b44e77c385b Mon Sep 17 00:00:00 2001 From: Yan Ivan Evdokimov Date: Thu, 2 Nov 2017 17:21:41 +0200 Subject: [PATCH 1/2] Changes to resourcebased.md to match Core 2.0 (#4712) * Changes to resourcebased.md to match Core 2.0 AuthorizeAsync method returns Task instead of Task in 2.0. * Introduce tabs --- .../security/authorization/resourcebased.md | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/aspnetcore/security/authorization/resourcebased.md b/aspnetcore/security/authorization/resourcebased.md index 94ba322ef4..7ad5b57a6b 100644 --- a/aspnetcore/security/authorization/resourcebased.md +++ b/aspnetcore/security/authorization/resourcebased.md @@ -36,6 +36,19 @@ public class DocumentController : Controller `IAuthorizationService` has two methods, one where you pass the resource and the policy name and the other where you pass the resource and a list of requirements to evaluate. +# [ASP.NET Core 2.x](#tab/aspnetcore2x) + +```csharp +Task AuthorizeAsync(ClaimsPrincipal user, + object resource, + IEnumerable requirements); +Task AuthorizeAsync(ClaimsPrincipal user, + object resource, + string policyName); +``` + +# [ASP.NET Core 1.x](#tab/aspnetcore1x) + ```csharp Task AuthorizeAsync(ClaimsPrincipal user, object resource, @@ -45,6 +58,8 @@ Task AuthorizeAsync(ClaimsPrincipal user, string policyName); ``` +--- + To call the service, load your resource within your action then call the `AuthorizeAsync` overload you require. For example: @@ -59,7 +74,7 @@ public async Task Edit(Guid documentId) return new HttpNotFoundResult(); } - if (await _authorizationService.AuthorizeAsync(User, document, "EditPolicy")) + if ((await _authorizationService.AuthorizeAsync(User, document, "EditPolicy")).Succeeded) { return View(document); } From c4057a9f1265bf16d0bfcc139197b23c6c3b1015 Mon Sep 17 00:00:00 2001 From: Shibu Date: Thu, 2 Nov 2017 12:14:57 -0400 Subject: [PATCH 2/2] =?UTF-8?q?Updated=20facebook-logins.md=20with=20exact?= =?UTF-8?q?=20instructions=20to=20store=20Facebook=20=E2=80=A6=20(#4709)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Updated facebook-logins.md with exact instructions to store Facebook app id and secret in secret store * Minor edits --- .../security/authentication/social/facebook-logins.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/aspnetcore/security/authentication/social/facebook-logins.md b/aspnetcore/security/authentication/social/facebook-logins.md index 1c853d313a..5ca6789f62 100644 --- a/aspnetcore/security/authentication/social/facebook-logins.md +++ b/aspnetcore/security/authentication/social/facebook-logins.md @@ -58,6 +58,13 @@ This tutorial shows you how to enable your users to sign in with their Facebook Link sensitive settings like Facebook `App ID` and `App Secret` to your application configuration using the [Secret Manager](xref:security/app-secrets). For the purposes of this tutorial, name the tokens `Authentication:Facebook:AppId` and `Authentication:Facebook:AppSecret`. +Execute the following commands to securely store `App ID` and `App Secret` using Secret Manager: + +```console +dotnet user-secrets set Authentication:Facebook:AppId +dotnet user-secrets set Authentication:Facebook:AppSecret +``` + ## Configure Facebook Authentication The project template used in this tutorial ensures that [Microsoft.AspNetCore.Authentication.Facebook](https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.Facebook) package is already installed.