Here is a simple example:
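// Program.cs
var builder = WebApplication.CreateBuilder(args);

// Configure authentication: the IIS scheme makes the Windows identity supplied by IIS
// the current user for each request.
builder.Services.AddAuthentication(IISDefaults.AuthenticationScheme);

// Named policy that succeeds only when the current user is in the admin group.
// NOTE(review): for Windows identities the role is usually the group's DOMAIN\Name form;
// confirm the exact string against your directory.
builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("RequireAdminGroup", policy =>
        policy.RequireAssertion(context =>
            context.User.IsInRole("YourAdminGroupName")));
});

// Other services configuration...

var app = builder.Build();

// Authentication runs first so the authorization step sees the authenticated user.
app.UseAuthentication();

// Authorization middleware is what enforces RequireAuthorization(...) and [Authorize].
// It is called explicitly here instead of relying on the framework to add it.
app.UseAuthorization();

// Map the controllers once, with the policy attached. The second bare MapControllers()
// call was redundant and made it unclear whether the policy applied to every controller.
app.MapControllers().RequireAuthorization("RequireAdminGroup");

app.Run();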
// YourController.cs or YourView.cshtml
// Branches on group membership to tailor what is returned or rendered. This is not the
// access-control boundary: the endpoint itself must still be protected by the
// "RequireAdminGroup" policy (or [Authorize]) so the decision is enforced server-side.
bool isInAdminGroup = User.IsInRole("YourAdminGroupName");
if (!isInAdminGroup)
{
    // Code for users not in the admin group
}
else
{
    // Code for users in the admin group
}
Another example:
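var builder = WebApplication.CreateBuilder(args);

builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        // Configure your JWT options here, e.g., Authority, Audience, etc.
        // Authority is the issuer whose metadata and signing keys are trusted.
        // Audience must match the token's "aud" claim, so tokens issued for a
        // different application are rejected.
        options.Authority = "https://login.microsoftonline.com/your-tenant-id";
        options.Audience = "your-client-id";
    });

// Register the policy before Build(): the service collection can no longer be changed
// once the application has been built, so this cannot come after app.Run().
// NOTE(review): RequireRole matches the role claims carried by the token. Confirm your
// tokens actually contain this value; Entra ID normally emits group object IDs in
// "groups" and app roles in "roles", not AD group display names.
builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("RequireAdminGroup", policy =>
    {
        policy.RequireRole("YourADGroupName");
    });
});

// Other services configuration...

var app = builder.Build();

// Order matters: authenticate the caller first, then evaluate authorization policies.
app.UseAuthentication();
app.UseAuthorization();

// Other middleware configurations...

// Map the controllers once and attach the policy to that mapping, so every controller
// endpoint requires it. A bare MapControllers() leaves them without the policy.
app.MapControllers().RequireAuthorization("RequireAdminGroup");

app.Run();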
// Branches on the role claim to tailor the response for the caller. The endpoint must
// still be protected by the "RequireAdminGroup" policy; this check alone does not
// restrict access to the action.
bool isInAdminGroup = User.IsInRole("YourADGroupName");
if (!isInAdminGroup)
{
    // Code for users not in the AD group
}
else
{
    // Code for users in the AD group
}
