| | | 1 | | namespace Kestrun.Claims; |
| | | 2 | | |
| | | 3 | | |
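/// <summary>
/// Builder for defining claim-based authorization policies.
/// </summary>
/// <remarks>
/// Policy names are keyed with <see cref="StringComparer.OrdinalIgnoreCase"/>. Registering a policy
/// under a name that is already present replaces the earlier rule without raising an error, so the
/// last registration for a given name is the one that ends up in the built configuration.
/// </remarks>
public sealed class ClaimPolicyBuilder
{
    // Case-insensitive so "Admin" and "admin" address the same policy entry.
    private readonly Dictionary<string, ClaimRule> _policies = new(StringComparer.OrdinalIgnoreCase);

    /// <summary>
    /// Adds a new policy with a required claim rule.
    /// </summary>
    /// <param name="policyName">The name of the policy.</param>
    /// <param name="claimType">The required claim type.</param>
    /// <param name="allowedValues">Allowed values for the claim.</param>
    /// <returns>The current builder instance.</returns>
    /// <exception cref="ArgumentException">
    /// <paramref name="policyName"/> or <paramref name="claimType"/> is null, empty or whitespace, or
    /// <paramref name="allowedValues"/> is null, empty or contains a null entry.
    /// </exception>
    public ClaimPolicyBuilder AddPolicy(string policyName, string claimType, params string[] allowedValues)
    {
        ArgumentException.ThrowIfNullOrWhiteSpace(policyName);
        ArgumentException.ThrowIfNullOrWhiteSpace(claimType);
        var values = SnapshotAllowedValues(allowedValues);

        _policies[policyName] = new ClaimRule(claimType, values);
        return this;
    }

    /// <summary>
    /// Adds a new policy with a required claim rule using a <see cref="UserIdentityClaim"/>.
    /// </summary>
    /// <param name="policyName">The name of the policy.</param>
    /// <param name="claimType">The required <see cref="UserIdentityClaim"/> type.</param>
    /// <param name="allowedValues">Allowed values for the claim.</param>
    /// <returns>The current builder instance.</returns>
    /// <exception cref="ArgumentException">
    /// <paramref name="policyName"/> is null, empty or whitespace, or
    /// <paramref name="allowedValues"/> is null, empty or contains a null entry.
    /// </exception>
    public ClaimPolicyBuilder AddPolicy(string policyName, UserIdentityClaim claimType, params string[] allowedValues)
    {
        ArgumentException.ThrowIfNullOrWhiteSpace(policyName);
        // Validate and copy before ToClaimUri() runs so argument errors are reported in the original order.
        var values = SnapshotAllowedValues(allowedValues);

        _policies[policyName] = new ClaimRule(claimType.ToClaimUri(), values);
        return this;
    }

    /// <summary>
    /// Adds a prebuilt claim rule under a policy name.
    /// </summary>
    /// <param name="policyName">The name of the policy.</param>
    /// <param name="rule">The rule to register; the instance is stored as given, not copied.</param>
    /// <returns>The current builder instance.</returns>
    /// <exception cref="ArgumentException"><paramref name="policyName"/> is null, empty or whitespace.</exception>
    /// <exception cref="ArgumentNullException"><paramref name="rule"/> is null.</exception>
    public ClaimPolicyBuilder AddPolicy(string policyName, ClaimRule rule)
    {
        ArgumentException.ThrowIfNullOrWhiteSpace(policyName);
        ArgumentNullException.ThrowIfNull(rule);

        _policies[policyName] = rule;
        return this;
    }

    /// <summary>
    /// Gets the dictionary of all configured policies.
    /// </summary>
    /// <remarks>
    /// This is a live view: it is the builder's internal dictionary exposed through a read-only
    /// interface, so it reflects later <c>AddPolicy</c> calls. The interface restricts the API
    /// surface only; it is not a copy. Use <see cref="Build"/> to obtain a detached snapshot.
    /// </remarks>
    public IReadOnlyDictionary<string, ClaimRule> Policies => _policies;

    /// <summary>
    /// Builds the configuration object.
    /// </summary>
    /// <returns>
    /// A <see cref="ClaimPolicyConfig"/> whose policy map is a new dictionary copied from the builder,
    /// using the same case-insensitive comparer. The <see cref="ClaimRule"/> instances themselves are
    /// shared with the builder, not cloned.
    /// </returns>
    public ClaimPolicyConfig Build() => new()
    {
        Policies = new Dictionary<string, ClaimRule>(_policies, StringComparer.OrdinalIgnoreCase)
    };

    // Validates the allowed-value list and returns a private copy of it. The copy keeps the array
    // handed to ClaimRule separate from the caller's array, so a caller that passes an explicit
    // string[] and later writes to it does not change what the builder registered.
    private static string[] SnapshotAllowedValues(string[] allowedValues)
    {
        if (allowedValues is null || allowedValues.Length == 0)
        {
            throw new ArgumentException("At least one allowed value must be specified.", nameof(allowedValues));
        }

        // A null entry can never be a meaningful allowed claim value; fail at configuration time
        // instead of leaving it for whatever evaluates the rule later.
        if (Array.Exists(allowedValues, static value => value is null))
        {
            throw new ArgumentException("Allowed values must not contain null entries.", nameof(allowedValues));
        }

        return (string[])allowedValues.Clone();
    }
}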
| | | 74 | | |