Bypass Authorize Attribute in .Net Core for Release Version

前端未结

关注

 6  1952

梦如初夏 2020-12-07 02:20

Is there a way to \"bypass\" authorization in asp.net core? I noticed that the Authorize attribute no longer has a AuthorizeCore method with which you could use to make dec

6条回答

旧巷少年郎 (楼主)

2020-12-07 02:42

For someone still needs to get the fake User object, the below solution can do the trick:

app.Use(async (context, next) =>
{
    context.User = new System.Security.Claims.ClaimsPrincipal(new ClaimsIdentity(new Claim[]
    {
        new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Guid.NewGuid().ToString()),
    }, "test"));
    await next.Invoke();
});

app.UseMvc();

The solution should just work if the DefaultScheme is "Cookies".

0 讨论(0)

查看其它6个回答