How to access current HttpContext in ASP.NET Core 2 Custom Policy-Based Authorization with AuthorizationHandlerContext

Question

How can I access current HttpContext to check for route and parameters inside AuthorizationHandlerContext of Custom Policy-Based Authorization inside ASP.NET Core 2?

Answer 1

You can inject an IHttpContextAccessor into your AuthorizationHandlers constructor.

e.g.

public class MyAuthorizationHandler : AuthorizationHandler
{
    private IHttpContextAccessor _contextAccessor;

    public MyAuthorizationHandler (IHttpContextAccessor contextAccessor)
    {
        _contextAccessor = contextAccessor;
    }

    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
        MinimumPermissionLevelRequirement requirement) {

        var httpContext = _contextAccessor.HttpContext;
        // do things
    }
}