Unlocking🔏Dynamic Policy Authorization in .NET 8 Blazor : A Guide for Server, Wasm, and Auto Modes🔥

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey everyone welcome back to net code H Channel I am Frederick as you know and I'm happy to have you here today do you actually know how to add policy authorization to Blazer application dynamically this means during run time do you know how to add policy authorization to it in this video I'm going to show you how to do that it is not all the time that you have to configure your policy authorization in the program with cs file this time around in the during the run time you can add authorization to it and I'm going to show you today before we jump right into this make sure you subscribe to this Channel and also click on this like and on the Bell icon to receive update as soon as I upload new video if you want to grab this source code it to be available as well so check the video description you know before you apply authorization you must first have authentication and with this I'm not going to start with authentication because this video is talking about all is main focusing on adding policy dynamically so if you want to know how to add authentication that is a quick authentication check the video description I have several Links of videos in there you can watch any of them I do offer coaching or mentoring session to people who are interested so if you want then check the video description I have an email that you can write to me through it all right so let's see this is what we have enough um with this we we build it already you and I check the video description I'll put the link of this video in there so you can check it if you know you don't know how to implement quickie authentication then check the video and I'll continue with this we have our just log in and our register which create user account using the user manager or the identity manager that we use in here so this is very simple thing okay here we are not adding any um r b b or policy base nothing here when you check the settings in here from the program CS you can see we just add this authentication State provider and we have authentication scheme specified in Here and Now quick key also service added and that is all we have a default policy in here okay so with this we are going to remove the default policy because now we're going to add this dynamically dur run time so we can commment this okay so when I do this it's commented and now what I need to do here is to add the authorization so build out services do add authorization and that is it so here we have it added and we've commented the default policy that we have so now I'm going to run this application for you to see that this app does not have any policy based authorization it's only only the authentication by quickie okay so let me save this let's find this up so you can see that here we have our application run and we have just register and I login so if I log in as an admin let's see here I have my email and password be authenticated but with this there is no um policy or there's no um road base or um policy authorization system for this just only the login okay so let's log in and see yeah so you can see that we are logged in and if I inspect my um cookies I have it set in here from the cookie session I have the cookie install in here that's fine before we start to add this um policy authorization maybe you might be asking why do we need to add um this authorization dynamically during around time okay that's good question now let's say if you have an application with r base you know you can change users role from manager to user from user to admin admin to Pro and you can do all these Stu in here let's say if it is policy authorization and you want to now change the policy itself not the claims the policy itself now you know when changing rules admin can do it without the help of developer isn't it what of when changing policy admin cannot have access unless a developer so that is the reason why you need to dynamically add claims is it claims or policy your policy you see so you can create a user and assign a policy to that user this policy will be created dynamically and as soon as the user logs in that policy also get fesh from the database and now get applied so you can store all your policies in database with your claims and anytime a user logs in based on the claims or based on the policy that user is FSE under you retrieve them and then you apply them to your application Dynamic app fantastic yeah so that's what you're going to do so that's the importance of using Dynamic um um policy authorization okay so now that you understand this I believe the next question is how do I implement this that's right that is the next that we're going to do so let's close this we're going to create a service here here to help us create this okay so in here I can just create a folder to this and maybe I can name it as policy authorization well you can give it any name of a choice that's fine let me create an interface and I'm going to say my interface I'm going to call iot let me say I policy OD now with this we want to have two methods okay the first one is to um okay let's have a method now later on we talk about the second one so here this what you're going to do we want to have void and that is create policy so this is the method that we are creating now with this create policy maybe we can specify um the role that you want and maybe the policy name what are the things that you need what are the claims that you need so in here we're going to add a row and we're going to add the policy name that is all okay so here we have string row name and we have string policy name you can decide to specify which parameters you need based on your criteria this is another use case so I'm using this okay oh this an interface and see what I've done okay so I'm going to clear this one all right so we have this and and we can also check let's also have another method and with this method we are going to return authorization policy authorization policy will return the authorization itself and here we can get policy by name so get policy by name and as soon as we hear name what comes to mind it means we must pass in parameter of policy name perfect these are the two par interfaces that we need not parameters interfaces that's fine okay now that we are done here we can save this close this and once you have an interface it tells you that we need what perfect implementation so quickly policy art will be the name for that in your policy authorization folder you're going to create a class in here and it's going to be policy art give it any name of your choice okay so mine is policy art now this has to inherit from the boss if youve work with this before so I policy art we need to implement these interfaces so have them setting here okay let's create Conant for this Constructor and we're going to pass in i options of authorization options so I options okay of authorization options that is this guy let's give it a name of authorization option okay and this tells you that we need to let's see so here create and assign this field so we have this in here and I we assigning this so we can say that this dot value and I think normally we can use this underscore in here okay so we can remove this make it underscore and instead of using this we have to we don't want an option here we want the so a s option is equal to this. Value so we have this set already and that is all the next method here is to create okay but first of all let's work on the get first because get is simple so we say this is V policy is equal to then we can have this Al option. get policy you see that passing a policy name then we can return the policy okay so we are returning this policy by say this a task we have to use task from results from results then pass in this policy and now we are good to go perfect okay let's go to the create that is where the magic comes in first of all we need to create an instance of authorization policy Builder because you're going to build this so we need to have the headset first so let's see I'm going to say this is policy again and I'm going to name it as new authorization Builder search for Builder Builder Builder Builder do you have it authorization Builder that's M aside from that we want to have access to with this policy what we need here first is do required user authenticated user must authenticated first second one do required row so here let's pass in the row that we have and that is the row name you see this then we have dot build very simple after building this we have to pass this um authorization Builder into the option that we created so we're going to say that authorization option dot add policy and now this we specify the policy name and the policy itself H so nice and simple okay so now that we are done let's go in and register the service of this so go to program and anywhere okay you can put it so I'm going to say builda Services I didn't say bu I said Builder Services now do add sing 10 and with this I need to specify I authorization policy Builder and this should come from the name space of face and we need the Builder is that just one we need I nearly forgot that we created just I I know you got it right so I policy y this one okay I policy art and now this is policy art this is what we need to do this is the right thing so do this okay all right so we have this set so you can see that we don't have have any default policy set we have the um interface and this implementation that we created being linked up in here and that is all we have authorization also service registered and that is good okay let's save this now let's go to the UI let's say in the homepage I'm going to have a button in here so first of all maybe we can specify string and I'm going to set this say policy name I'm going to have find that string and I'm going to say this is row now I'm going to have a method and this is void add policy now in here I'm going to inject inject the I OD all the time is I pocot isn't it I poot which coming from this space and I said this is policy y let's have our setet in here now if I click on this if I click on ADD policy I'm going to say policy art dot then create policy specify the name so here what we need is a row name so row and policy name so that is your name in here so anytime that I click on this button I want to create this policy now let's have a button down here add policy maybe you can have an input test box too and add bind you want to say first one is going to be the policy name that is this we can have a duplicate of this and it's going to be row so we can have policy name row then the button very simple one you see this now when we have done when you finish creating this we want to add a method so we can get this policy so I'm going to say this is class of this and BTN BTN primary and here I'm going to say mb5 I'm going to leave space let me make a copy of this and now instead of add that is get policy and now this policy you need to specify the same name that you pass on here so get policy and now this going to say polic dot get policy by name specify the policy name now this going to return I authorization policy so we can just store this here if you want to check okay and here we can also authenticate the user and see if the user matches this one so here in order to authenticate it let's see what I need to do here is we're going to have this authorization service injected that's great now here we authentica this so instead of we want to move this so let's have claim principal for this user so you have a then we say this is user so instead of this we can say user is equal to this then we want to cut this one you want to have a button down here so async tasken toate user then in here we need to specify we have the current user logged in we pass in this policy and now that is the policy name the same policy you're not doing anything so you want to check let's put a breakpoint here we put a breakpoint here that is get and now this is create so with this create we put breakpoint here if when you create this you're not going to see but when you go to the service that we created policy OD when it creates put a break point down here so this will get hit that's fine let's hand it up and check it out oh that's right so we have our form created and we're going to f so policy name that you want to add this is admin policy now this admin policy we require the row of admin click on add this break point is hit it has been added so if I click on the policy what happens now if I open this up how many requirement that we have two it tell you that the policy has been added now user requires an authenticated user so this per first requires authenticated user second you need a row of admin so this working click on continue on so this is set okay now if I click on get policy click on this policy ID and have a look result is in here and the requirements are two the same requirement requires an authenticated user and requires the row Min B of what admin okay now the current user that we have let's check if the user qualified currently the user is authenticated but there is no role assigned to this user as a claim so let's see if these are qualified now in here then we must have a button for that and here I'm going to say authenticate user okay so authenticate user we have it in here let's save this and now we're going to put break point to this as well let's load this okay so we're going to do everything again policy name it is admin policy requires a row of administrator add policy it has been added Let's see we two requirements required and Ked user require the r of admin that's fine now get policy we do same get policy from this home okay it not hit because we did not put a break point let's do this again get policy now it is the same policy that we have retrieved from the result the same requirements to requirement now let's authenticate the user and see iion currently the user is authenticated because it's logged in authenticate user have a look and you can say suceeded was false why go to failure and it has one you can see this polic that we created has two claims one is the user must be authenticated and two is the user must be an admin row now have a look now you can see this is the rows and here is saying that the user must be in an admin row so one has um succeeded that is authenticated user it has passed but the second one did not pass and in authorization all the requirements must get satisfied before it can give you the green light so yet still although one is satisfied one is off so red and green and you can see we have it as what forse so you're Au indicated you cannot have access to any component that we assigned this authorized um or admin policy in here and that is it few steps we are able to implement our Dynamic policy so you can now add policy to this now as soon as the person is online as the person is in here this policy get applied to all the components um that you want to check and I'll display or highight based on the policy or the claims that you requir this when the user closes the browser and open it again you have to then apply this policy so the best way is to create put your policy name your required claims in a database database table let me be precise in here anytime LS in you go into database and now check what are the policies related to this specific user you get them and now you pass them in here and you can keep going yeah so that's a way to dynamically add policy in Blazer application this cuts across all the rendom modes talking about web assembly um interactive server and the auto that's fine thank you so much for watching and hopefully I'm going to catch up again with an interesting and informating content as well till then take care

Info

Channel: Netcode-Hub

Views: 1,260

Rating: undefined out of 5

Keywords: web assembly, .net 8, .NET 8, API, Develop, Blazor, WebAssembly, implementation, controller, .net blazor, create package, download, clipboard, copy in blazor, validation, clean arhitecture, domain, application, infrastructure, jwt authentication, consume authentication, cookie, authentication, CRUD Operations, Web Development, Scaffolding, Rapid Development, Visual Studio, Database Operations, minimal api, policy-based, blazor policy auth, claims, roles, requirement, web api, policy, dynamically

Id: loI_qKP8wD8

Channel Id: undefined

Length: 27min 36sec (1656 seconds)

Published: Thu Apr 04 2024