daohualiuxiang
/
AspNetCore.Docs
mirror of https://github.com/dotnet/AspNetCore.Docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
AspNetCore.Docs/aspnetcore/security/authorization/dependencyinjection.md

4.0 KiB
Raw Blame History

title author description monikerRange ms.author ms.date uid
Dependency injection in requirement handlers in ASP.NET Core rick-anderson Learn how to inject authorization requirement handlers into an ASP.NET Core app using dependency injection. >= aspnetcore-2.1 riande 03/25/2022 security/authorization/dependencyinjection

Dependency injection in requirement handlers in ASP.NET Core

:::moniker range=">= aspnetcore-6.0"

Authorization handlers must be registered in the service collection during configuration using dependency injection.

Suppose you had a repository of rules you wanted to evaluate inside an authorization handler and that repository was registered in the service collection. Authorization resolves and injects that into the constructor.

For example, to use the .NET logging infrastructure, inject xref:Microsoft.Extensions.Logging.ILoggerFactory into the handler, as shown in the following example:

public class SampleAuthorizationHandler : AuthorizationHandler<SampleRequirement>
{
    private readonly ILogger _logger;

    public SampleAuthorizationHandler(ILoggerFactory loggerFactory)
        => _logger = loggerFactory.CreateLogger(GetType().FullName);

    protected override Task HandleRequirementAsync(
        AuthorizationHandlerContext context, SampleRequirement requirement)
    {
        _logger.LogInformation("Inside my handler");
        
        // ...

        return Task.CompletedTask;
    }
}

The preceding handler can be registered with any service lifetime. The following code uses xref:Microsoft.Extensions.DependencyInjection.ServiceCollectionServiceExtensions.AddSingleton%2A to register the preceding handler:

builder.Services.AddSingleton<IAuthorizationHandler, SampleAuthorizationHandler>();

An instance of the handler is created when the app starts, and DI injects the registered ILoggerFactory into its constructor.

[!NOTE] Don't register authorization handlers that use Entity Framework (EF) as singletons.

:::moniker-end

:::moniker range="< aspnetcore-6.0"

Authorization handlers must be registered in the service collection during configuration using dependency injection.

Suppose you had a repository of rules you wanted to evaluate inside an authorization handler and that repository was registered in the service collection. Authorization resolves and injects that into the constructor.

For example, to use the .NET logging infrastructure, inject xref:Microsoft.Extensions.Logging.ILoggerFactory into the handler, as shown in the following example:

public class SampleAuthorizationHandler : AuthorizationHandler<SampleRequirement>
{
    private readonly ILogger _logger;

    public SampleAuthorizationHandler(ILoggerFactory loggerFactory)
        => _logger = loggerFactory.CreateLogger(GetType().FullName);

    protected override Task HandleRequirementAsync(
        AuthorizationHandlerContext context, SampleRequirement requirement)
    {
        _logger.LogInformation("Inside my handler");
        
        // ...

        return Task.CompletedTask;
    }
}

The preceding handler can be registered with any service lifetime. The following code uses xref:Microsoft.Extensions.DependencyInjection.ServiceCollectionServiceExtensions.AddSingleton%2A to register the preceding handler:

services.AddSingleton<IAuthorizationHandler, SampleAuthorizationHandler>();

An instance of the handler is created when the app starts, and DI injects the registered ILoggerFactory into its constructor.

[!NOTE] Don't register authorization handlers that use Entity Framework (EF) as singletons.

:::moniker-end