Added new middleware to protect paths by authorization (also static files)

AMWD.Common.AspNetCore/Security/PathProtection/ProtectedPathMiddleware.cs

@@ -0,0 +1,50 @@
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+
+namespace AMWD.Common.AspNetCore.Security.PathProtection
+{
+	/// <summary>
+	/// Implements a check to provide protected paths.
+	/// </summary>
+	public class ProtectedPathMiddleware
+	{
+		private readonly RequestDelegate next;
+		private readonly PathString path;
+		private readonly string policyName;
+
+		/// <summary>
+		/// Initializes a new instance of the <see cref="ProtectedPathExtensions"/> class.
+		/// </summary>
+		/// <param name="next">The following delegate in the process chain.</param>
+		/// <param name="options">The options to configure the middleware.</param>
+		public ProtectedPathMiddleware(RequestDelegate next, ProtectedPathOptions options)
+		{
+			this.next = next;
+			path = options.Path;
+			policyName = options.PolicyName;
+		}
+
+		/// <summary>
+		/// The delegate invokation.
+		/// Performs the protection check.
+		/// </summary>
+		/// <param name="httpContext">The corresponding HTTP context.</param>
+		/// <param name="authorizationService">The <see cref="IAuthorizationService"/>.</param>
+		/// <returns>An awaitable task.</returns>
+		public async Task InvokeAsync(HttpContext httpContext, IAuthorizationService authorizationService)
+		{
+			if (httpContext.Request.Path.StartsWithSegments(path))
+			{
+				var result = await authorizationService.AuthorizeAsync(httpContext.User, null, policyName);
+				if (!result.Succeeded)
+				{
+					await httpContext.ChallengeAsync();
+					return;
+				}
+			}
+			await next.Invoke(httpContext);
+		}
+	}
+}