Unlocking🔏Dynamic Policy Authorization in .NET 8 Blazor : A Guide for Server, Wasm, and Auto Modes🔥

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hey everyone welcome back to net code H Channel I  am Frederick as you know and I'm happy to have you   here today do you actually know how to add policy  authorization to Blazer application dynamically   this means during run time do you know how to  add policy authorization to it in this video   I'm going to show you how to do that it is not  all the time that you have to configure your   policy authorization in the program with cs file  this time around in the during the run time you   can add authorization to it and I'm going to show  you today before we jump right into this make sure   you subscribe to this Channel and also click  on this like and on the Bell icon to receive   update as soon as I upload new video if you want  to grab this source code it to be available as   well so check the video description you know  before you apply authorization you must first   have authentication and with this I'm not going  to start with authentication because this video   is talking about all is main focusing on adding  policy dynamically so if you want to know how to   add authentication that is a quick authentication  check the video description I have several Links   of videos in there you can watch any of them I do  offer coaching or mentoring session to people who   are interested so if you want then check the video  description I have an email that you can write to   me through it all right so let's see this is  what we have enough um with this we we build   it already you and I check the video description  I'll put the link of this video in there so you   can check it if you know you don't know how to  implement quickie authentication then check the   video and I'll continue with this we have our just  log in and our register which create user account   using the user manager or the identity manager  that we use in here so this is very simple thing   okay here we are not adding any um r b b or policy  base nothing here when you check the settings in   here from the program CS you can see we just add  this authentication State provider and we have   authentication scheme specified in Here and Now  quick key also service added and that is all we   have a default policy in here okay so with this  we are going to remove the default policy because   now we're going to add this dynamically dur run  time so we can commment this okay so when I do   this it's commented and now what I need to do  here is to add the authorization so build out services do add authorization and that is it so here we have it  added and we've commented the default policy that   we have so now I'm going to run this application  for you to see that this app does not have any   policy based authorization it's only only the  authentication by quickie okay so let me save   this let's find this up so you can see that  here we have our application run and we have   just register and I login so if I log in as  an admin let's see here I have my email and   password be authenticated but with this there  is no um policy or there's no um road base or   um policy authorization system for this just only  the login okay so let's log in and see yeah so you   can see that we are logged in and if I inspect  my um cookies I have it set in here from the   cookie session I have the cookie install in here  that's fine before we start to add this um policy   authorization maybe you might be asking why do  we need to add um this authorization dynamically   during around time okay that's good question now  let's say if you have an application with r base   you know you can change users role from manager  to user from user to admin admin to Pro and you   can do all these Stu in here let's say if it is  policy authorization and you want to now change   the policy itself not the claims the policy itself  now you know when changing rules admin can do it   without the help of developer isn't it what of  when changing policy admin cannot have access   unless a developer so that is the reason why you  need to dynamically add claims is it claims or   policy your policy you see so you can create  a user and assign a policy to that user this   policy will be created dynamically and as soon  as the user logs in that policy also get fesh   from the database and now get applied so you  can store all your policies in database with   your claims and anytime a user logs in based on  the claims or based on the policy that user is   FSE under you retrieve them and then you apply  them to your application Dynamic app fantastic   yeah so that's what you're going to do so  that's the importance of using Dynamic um   um policy authorization okay so now that you  understand this I believe the next question   is how do I implement this that's right that is  the next that we're going to do so let's close this we're going to create a service  here here to help us create this okay   so in here I can just create  a folder to this and maybe I   can name it as policy authorization  well you can give it any name of a choice that's fine let me create an interface and I'm going to say my  interface I'm going to call iot let me say I policy OD now with this we want to have two methods okay  the first one is to um okay let's have a method   now later on we talk about the second one so here  this what you're going to do we want to have void   and that is create policy so this is the method  that we are creating now with this create policy   maybe we can specify um the role that you want  and maybe the policy name what are the things   that you need what are the claims that you need so  in here we're going to add a row and we're going   to add the policy name that is all okay so here  we have string row name and we have string policy name you can decide to specify  which parameters you need based   on your criteria this is another  use case so I'm using this okay   oh this an interface and see what I've  done okay so I'm going to clear this one all right so we have this and  and we can also check let's also have   another method and with this method  we are going to return authorization policy authorization policy will return the  authorization itself and here we can get policy by name so get policy by name and as soon as we   hear name what comes to mind it  means we must pass in parameter of policy name perfect these are the two  par interfaces that we need not parameters   interfaces that's fine okay now that we  are done here we can save this close this   and once you have an interface it tells you  that we need what perfect implementation so   quickly policy art will be the name for that  in your policy authorization folder you're   going to create a class in here and it's  going to be policy art give it any name of   your choice okay so mine is policy art now  this has to inherit from the boss if youve   work with this before so I policy art we need to  implement these interfaces so have them setting here okay let's create Conant for this  Constructor and we're going to pass in   i options of authorization  options so I options okay of authorization options that is  this guy let's give it a name of authorization option okay and  this tells you that we need to let's see so here create and assign  this field so we have this in here and   I we assigning this so we can say  that this dot value and I think   normally we can use this underscore in  here okay so we can remove this make it underscore and instead of using this we  have to we don't want an option here we   want the so a s option is equal to this.  Value so we have this set already and that   is all the next method here is to create  okay but first of all let's work on the   get first because get is simple so we say  this is V policy is equal to then we can   have this Al option. get policy you see that  passing a policy name then we can return the policy okay so we are returning this policy  by say this a task we have to use task from results from results then pass in this policy  and now we are good to go perfect okay let's   go to the create that is where the magic comes  in first of all we need to create an instance   of authorization policy Builder because  you're going to build this so we need to   have the headset first so let's see I'm going  to say this is policy again and I'm going to   name it as new authorization Builder search for  Builder Builder Builder Builder do you have it authorization Builder that's M aside from that we want to have access to with this policy what we need here first is do   required user authenticated user  must authenticated first second   one do required row so here let's pass in  the row that we have and that is the row name you see this then we have dot build very  simple after building this we have to pass this   um authorization Builder into the option  that we created so we're going to say that authorization option dot add policy and now  this we specify the policy name and the policy itself H so nice and simple okay so now  that we are done let's go in and register   the service of this so go to program and  anywhere okay you can put it so I'm going   to say builda Services I didn't say bu  I said Builder Services now do add sing 10 and with this I need to  specify I authorization policy Builder and this should come from  the name space of face and we need the Builder is that just one we need I nearly   forgot that we created just I I  know you got it right so I policy y this one okay I policy art and now this is  policy art this is what we need to do this is   the right thing so do this okay all right so  we have this set so you can see that we don't   have have any default policy set we have the  um interface and this implementation that we   created being linked up in here and that  is all we have authorization also service   registered and that is good okay let's  save this now let's go to the UI let's   say in the homepage I'm going to have a button  in here so first of all maybe we can specify string and I'm going to set this say policy name I'm going to have find that  string and I'm going to say this is row now I'm going to have a  method and this is void add policy now in here I'm going to inject inject the I OD all the time is I pocot isn't it I poot which coming from this space and I said  this is policy y let's have our setet in here now if I click on this if I click on ADD policy I'm going to say policy art  dot then create policy specify the   name so here what we need is  a row name so row and policy name so that is your name in here so anytime that I click on this button I want  to create this policy now let's have a button down here add policy maybe you can have an input test box too and add bind you want to say first  one is going to be the policy name that is this we can have a duplicate  of this and it's going to be row so we can have policy name row then the button very simple one you see this now when we  have done when you finish creating this we want   to add a method so we can get this policy so I'm  going to say this is class of this and BTN BTN primary and here I'm going to say mb5  I'm going to leave space let me make   a copy of this and now instead of add that is get policy and now this policy you need to specify  the same name that you pass on here so get policy and now this going to say polic dot  get policy by name specify the policy name   now this going to return I authorization policy  so we can just store this here if you want to check okay and here we can also authenticate  the user and see if the user matches this one   so here in order to authenticate it let's  see what I need to do here is we're going   to have this authorization service injected  that's great now here we authentica this so   instead of we want to move this so  let's have claim principal for this user so you have a then we  say this is user so instead   of this we can say user is equal  to this then we want to cut this one you want to have a button down here so async tasken toate user then in here we need  to specify we have the current user   logged in we pass in this policy and  now that is the policy name the same policy you're not doing anything  so you want to check let's put a   breakpoint here we put a breakpoint here  that is get and now this is create so with   this create we put breakpoint here if  when you create this you're not going   to see but when you go to the service that  we created policy OD when it creates put a   break point down here so this will get hit  that's fine let's hand it up and check it out oh that's right so we have our  form created and we're going to f   so policy name that you want to add this is admin policy now this admin policy we require the  row of admin click on add this break point   is hit it has been added so if I click on  the policy what happens now if I open this   up how many requirement that we have two it  tell you that the policy has been added now   user requires an authenticated user so this  per first requires authenticated user second   you need a row of admin so this working click on  continue on so this is set okay now if I click   on get policy click on this policy ID and have  a look result is in here and the requirements   are two the same requirement requires an  authenticated user and requires the row   Min B of what admin okay now the current  user that we have let's check if the user   qualified currently the user is authenticated  but there is no role assigned to this user as   a claim so let's see if these are qualified  now in here then we must have a button for that and here I'm going to say authenticate user okay so authenticate user we  have it in here let's save this   and now we're going to put break  point to this as well let's load this okay so we're going to do everything  again policy name it is admin policy requires   a row of administrator add policy it has  been added Let's see we two requirements   required and Ked user require the r of  admin that's fine now get policy we do same get policy from this home okay it not  hit because we did not put a break point   let's do this again get policy now it is the  same policy that we have retrieved from the   result the same requirements to requirement  now let's authenticate the user and see iion   currently the user is authenticated because  it's logged in authenticate user have a look   and you can say suceeded was false why go to  failure and it has one you can see this polic   that we created has two claims one is the user  must be authenticated and two is the user must   be an admin row now have a look now you can  see this is the rows and here is saying that   the user must be in an admin row so one has  um succeeded that is authenticated user it   has passed but the second one did not pass and  in authorization all the requirements must get   satisfied before it can give you the green  light so yet still although one is satisfied   one is off so red and green and you can see we  have it as what forse so you're Au indicated   you cannot have access to any component that we  assigned this authorized um or admin policy in here and that is it few steps we are able to  implement our Dynamic policy so you can now   add policy to this now as soon as the person is  online as the person is in here this policy get   applied to all the components um that you want  to check and I'll display or highight based on   the policy or the claims that you requir this  when the user closes the browser and open it   again you have to then apply this policy so the  best way is to create put your policy name your   required claims in a database database table let  me be precise in here anytime LS in you go into   database and now check what are the policies  related to this specific user you get them   and now you pass them in here and you can keep  going yeah so that's a way to dynamically add   policy in Blazer application this cuts across  all the rendom modes talking about web assembly   um interactive server and the auto that's fine  thank you so much for watching and hopefully I'm   going to catch up again with an interesting and  informating content as well till then take care
Info
Channel: Netcode-Hub
Views: 1,260
Rating: undefined out of 5
Keywords: web assembly, .net 8, .NET 8, API, Develop, Blazor, WebAssembly, implementation, controller, .net blazor, create package, download, clipboard, copy in blazor, validation, clean arhitecture, domain, application, infrastructure, jwt authentication, consume authentication, cookie, authentication, CRUD Operations, Web Development, Scaffolding, Rapid Development, Visual Studio, Database Operations, minimal api, policy-based, blazor policy auth, claims, roles, requirement, web api, policy, dynamically
Id: loI_qKP8wD8
Channel Id: undefined
Length: 27min 36sec (1656 seconds)
Published: Thu Apr 04 2024
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.