Reflection

Author: Anton Wieslander

README.md

@@ -12,3 +12,4 @@ Full Playlist can be found [here](https://www.youtube.com/playlist?list=PLOeFnOV
 - [Channels](https://youtu.be/E0Ld7ZgE4oY)
 - [MVC](https://youtu.be/u4O-b1BJg98)
 - [IEnumerable](https://youtu.be/at6weLnskpU)
+- [Reflection](https://youtu.be/cdG2JxuZvNI)

Reflection/Reflection.sln

@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.30011.22
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "WebApp", "WebApp\WebApp.csproj", "{FB323F04-C6AE-41C2-9047-934BB7C297D0}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{FB323F04-C6AE-41C2-9047-934BB7C297D0}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{FB323F04-C6AE-41C2-9047-934BB7C297D0}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{FB323F04-C6AE-41C2-9047-934BB7C297D0}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{FB323F04-C6AE-41C2-9047-934BB7C297D0}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {90DE1BA6-8E4D-4628-91DA-9A0665BD81EB}
+	EndGlobalSection
+EndGlobal

Reflection/WebApp/AuthHandler.cs

@@ -0,0 +1,45 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Controllers;
+using Microsoft.AspNetCore.Routing;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace WebApp
+{
+    public class AutoGeneratedClaim : IAuthorizationRequirement
+    {
+        public AutoGeneratedClaim()
+        {}
+    }
+
+    public class AuthHandler : AuthorizationHandler<AutoGeneratedClaim>
+    {
+        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AutoGeneratedClaim requirement)
+        {
+            var resource = context.Resource;
+            if(resource is RouteEndpoint endpoint)
+            {
+                var metadata = endpoint.Metadata;
+                var controllerAD = (ControllerActionDescriptor)
+                    metadata.FirstOrDefault(x => x is ControllerActionDescriptor);
+
+                var controller = controllerAD.ControllerTypeInfo;
+                var action = controllerAD.MethodInfo;
+                var targetClaim = string.Concat(controller.ToString(), ".", action.ToString().Split(" ").Last());
+
+                if(context.User.Claims.Any(x => x.Type.Equals(Constants.WebAppClaimType)
+                    && x.Value.Equals(targetClaim)))
+                {
+                    context.Succeed(requirement);
+                    return Task.CompletedTask;
+                }
+            }
+
+            context.Fail();
+            return Task.CompletedTask;
+        }
+    }
+}

Reflection/WebApp/ClaimsService.cs

@@ -0,0 +1,29 @@
+using Microsoft.AspNetCore.Authorization;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace WebApp
+{
+    public class ClaimsService
+    {
+        public IEnumerable<string> Claims()
+        {
+			var authAttr = typeof(AuthorizeAttribute);
+			var anonAttr = typeof(AllowAnonymousAttribute);
+
+			return typeof(Startup).Assembly.GetTypes()
+				.Where(x => x.Name.EndsWith("Controller"))
+				.SelectMany(x => x.GetMethods()
+					.Where(m => m.DeclaringType.Equals(x)))
+				.Where(x => x.GetCustomAttribute(authAttr) != null
+					|| x.DeclaringType.GetCustomAttribute(authAttr) != null)
+				.Where(x => x.GetCustomAttribute(anonAttr) == null)
+				.Select(x => string.Concat(x.DeclaringType.ToString(),
+					".", x.ToString().Split(" ").Last()));
+		}
+    }
+}

Reflection/WebApp/Constants.cs

@@ -0,0 +1,7 @@
+namespace WebApp
+{
+    public class Constants
+    {
+        public const string WebAppClaimType = nameof(WebAppClaimType);
+    }
+}

Reflection/WebApp/Controllers/HomeController.cs

@@ -0,0 +1,40 @@
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+
+namespace WebApp.Controllers
+{
+    public class HomeController : Controller
+    {
+        public string Index()
+        {
+            return "";
+        }
+
+        [HttpGet]
+        public IActionResult SignIn([FromServices] ClaimsService claimsService)
+        {
+            return View(claimsService.Claims());
+        }
+
+        [HttpPost]
+        public async Task<IActionResult> SignIn(IEnumerable<string> claims)
+        {
+            var identity = new ClaimsIdentity(claims.Select(x => new Claim(Constants.WebAppClaimType, x)), "Identity");
+            var principal = new ClaimsPrincipal(identity);
+            await HttpContext.SignInAsync(principal);
+
+            return RedirectToAction("Index");
+        }
+
+        [Authorize]
+        public string Secret()
+        {
+            return "";
+        }
+    }
+}

Reflection/WebApp/Controllers/ManageController.cs

@@ -0,0 +1,37 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace WebApp.Controllers
+{
+    [Authorize]
+    public class ManageController : Controller
+    {
+        [HttpGet()]
+        public string Secure()
+        {
+            return "";
+        }
+
+        [HttpGet("{boi}")]
+        public string Secure(string boi)
+        {
+            return "";
+        }
+
+        public string Secret()
+        {
+            return "";
+        }
+
+        [AllowAnonymous]
+        public string Allowed()
+        {
+            return "";
+        }
+    }
+}

Reflection/WebApp/Program.cs

@@ -0,0 +1,26 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Hosting;
+using Microsoft.Extensions.Logging;
+
+namespace WebApp
+{
+    public class Program
+    {
+        public static void Main(string[] args)
+        {
+            CreateHostBuilder(args).Build().Run();
+        }
+
+        public static IHostBuilder CreateHostBuilder(string[] args) =>
+            Host.CreateDefaultBuilder(args)
+                .ConfigureWebHostDefaults(webBuilder =>
+                {
+                    webBuilder.UseStartup<Startup>();
+                });
+    }
+}

Reflection/WebApp/Startup.cs

@@ -0,0 +1,68 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
+
+namespace WebApp
+{
+    public class Startup
+    {
+        public Startup(IConfiguration configuration)
+        {
+            Configuration = configuration;
+        }
+
+        public IConfiguration Configuration { get; }
+
+        public void ConfigureServices(IServiceCollection services)
+        {
+            services.AddAuthentication("Cookie")
+                .AddCookie("Cookie");
+
+            services.AddAuthorization(config =>
+            {
+                var policyBuilder = new AuthorizationPolicyBuilder();
+
+                config.DefaultPolicy = policyBuilder
+                    .AddRequirements(new AutoGeneratedClaim())
+                    .Build();
+            });
+
+            services.AddScoped<IAuthorizationHandler, AuthHandler>();
+
+            services.AddSingleton<ClaimsService>();
+
+            services.AddControllersWithViews();
+        }
+
+        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
+        {
+            if (env.IsDevelopment())
+            {
+                app.UseDeveloperExceptionPage();
+            }
+            else
+            {
+                app.UseExceptionHandler("/Error");
+
+                app.UseHsts();
+            }
+
+            app.UseHttpsRedirection();
+            app.UseStaticFiles();
+
+            app.UseRouting();
+
+            app.UseAuthentication();
+            app.UseAuthorization();
+
+            app.UseEndpoints(endpoints =>
+            {
+                endpoints.MapDefaultControllerRoute();
+            });
+        }
+    }
+}

Reflection/WebApp/Views/Home/SignIn.cshtml

@@ -0,0 +1,15 @@
+@model IEnumerable<string>
+
+
+    <form action="/Home/SignIn" method="post">
+
+        @foreach(var claim in Model)
+        {
+            <div>
+                <label>@claim</label>
+                <input type="checkbox" name="claims" value="@claim" />
+            </div>
+        }
+
+        <button type="submit">Sign In</button>
+    </form>

Reflection/WebApp/WebApp.csproj

@@ -0,0 +1,7 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp3.1</TargetFramework>
+  </PropertyGroup>
+
+</Project>

Reflection/WebApp/appsettings.json

@@ -0,0 +1,9 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft": "Warning",
+      "Microsoft.Hosting.Lifetime": "Information"
+    }
+  }
+}