-
|
I'm trying to manage permissions for the same upstream url based on ClaimRoute, how can I achieve the following: {
"DownstreamPathTemplate": "/User/{username}",
"DownstreamScheme": "https",
"DownstreamHostAndPorts": [
{
"Host": "localhost",
"Port": 9901
}
],
"UpstreamPathTemplate": "/api/user/{username}",
"UpstreamHttpMethod": [ "Get", "Post", "Put" ],
"AuthenticationOptions": {
"AuthenticationProviderKey": "Bearer",
"AllowedScopes": []
}
},Second user scenario: {
"DownstreamPathTemplate": "/User/{username}",
"DownstreamScheme": "https",
"DownstreamHostAndPorts": [
{
"Host": "localhost",
"Port": 9901
}
],
"UpstreamPathTemplate": "/api/user/{username}",
"UpstreamHttpMethod": [ "Delete", "Patch" ],
"AuthenticationOptions": {
"AuthenticationProviderKey": "Bearer",
"AllowedScopes": []
},
"RouteClaimsRequirement": {
"Role": "Administrator"
}
}I couldn't find anywhere in the documentation where we can split RouteClaims based on method. Is that possible in the first place, and is there a way to deal with this using Ocelot, because I believe someone had this issue before. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Hi @hsmadi !
To solve that problem allowing different behaviors, you have to define different upstream templates. Hope it helps! |
Beta Was this translation helpful? Give feedback.
Hi @hsmadi !
You posted unexpected question! 🤣
"UpstreamPathTemplate": "/api/user/{username}",So, different route behaviors means different routes!
You cannot merge all user scenarios into one route with one upstream template!
To solve that problem allowing different behaviors, you have to define different upstream templates.
For the 2nd scenario, Why not to specify another template like this:
"UpstreamPathTemplate": "/api/user/{username}/auth",?That means this path requires the Admin role and given HTTP methods.
Hope it helps!