From c9ea7f07ad04af0c7c85660048f5c07c7ac885f4 Mon Sep 17 00:00:00 2001
From: damienbod
Date: Mon, 15 Apr 2024 14:27:57 +0200
Subject: [PATCH] Update authz
---
 dry/Server/Program.cs | 3 ++-
 dry/Server/UserAdminHandler.cs | 6 +++---
 2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/dry/Server/Program.cs b/dry/Server/Program.cs
index d131735..6ab4dc0 100644
--- a/dry/Server/Program.cs
+++ b/dry/Server/Program.cs
@@ -1,5 +1,6 @@
 using dry.Server;
 using dry.Server.Services;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Identity.Web;
 using Microsoft.Identity.Web.UI;
@@ -41,7 +42,7 @@ services.AddControllersWithViews(options =>
 options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()));
-services.AddSingleton();
+services.AddSingleton();
 services.AddAuthorization(options =>
 {
diff --git a/dry/Server/UserAdminHandler.cs b/dry/Server/UserAdminHandler.cs
index bcefd32..ec86f98 100644
--- a/dry/Server/UserAdminHandler.cs
+++ b/dry/Server/UserAdminHandler.cs
@@ -6,10 +6,10 @@ public class UserAdminHandler : AuthorizationHandler
 {
 protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, UserAdminRequirement requirement)
 {
- var userClaim = context.User.FindFirst(c => c.Type == "roles" && c.Value == "user");
- var adminClaim = context.User.FindFirst(c => c.Type == "roles" && c.Value == "admin");
+ var userClaim = context.User.HasClaim(c => c.Type == "roles" && c.Value == "user");
+ var adminClaim = context.User.HasClaim(c => c.Type == "roles" && c.Value == "admin");
- if (userClaim is null && adminClaim is null)
+ if (userClaim && adminClaim)
 {
 return Task.CompletedTask;
 }
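Review bot: The new guard `if (userClaim && adminClaim)` in `HandleRequirementAsync` is not the boolean equivalent of the removed `userClaim is null && adminClaim is null` check: the old code returned early when neither role claim was present, while the new code returns early only when both are present. The rest of the method lies outside the hunk, so this is inferred, but if the lines that follow mark the requirement as succeeded, a principal with no `roles` claim, or with only one of the two roles, would now reach that path. The direct translation of the old check is `if (!userClaim && !adminClaim)`; if the policy is meant to require both roles, it is safer to call success only inside the positive check and fall through to the plain return otherwise. A handler test with a principal that carries no `roles` claim would pin the intended deny behaviour. Since the locals now hold `bool` rather than `Claim`, names such as `hasUserRole` and `hasAdminRole` would read more clearly.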