diff --git a/src/DefaultBuilder/src/Microsoft.AspNetCore.csproj b/src/DefaultBuilder/src/Microsoft.AspNetCore.csproj
index 02df79c825fe..45952ee088cf 100644
--- a/src/DefaultBuilder/src/Microsoft.AspNetCore.csproj
+++ b/src/DefaultBuilder/src/Microsoft.AspNetCore.csproj
@@ -36,6 +36,7 @@
+
diff --git a/src/DefaultBuilder/src/WebApplicationBuilder.cs b/src/DefaultBuilder/src/WebApplicationBuilder.cs
index d002acd3a5e8..a8e58e7223fe 100644
--- a/src/DefaultBuilder/src/WebApplicationBuilder.cs
+++ b/src/DefaultBuilder/src/WebApplicationBuilder.cs
@@ -172,7 +172,8 @@ private void ConfigureApplication(WebHostBuilderContext context, IApplicationBui
// Process authorization and authentication middlewares independently to avoid
// registering middlewares for services that do not exist
- if (_builtApplication.Services.GetService() is not null)
+ var serviceProviderIsService = _builtApplication.Services.GetService();
+ if (serviceProviderIsService?.IsService(typeof(IAuthenticationSchemeProvider)) is true)
{
// Don't add more than one instance of the middleware
if (!_builtApplication.Properties.ContainsKey(AuthenticationMiddlewareSetKey))
@@ -184,7 +185,7 @@ private void ConfigureApplication(WebHostBuilderContext context, IApplicationBui
}
}
- if (_builtApplication.Services.GetService() is not null)
+ if (serviceProviderIsService?.IsService(typeof(IAuthorizationHandlerProvider)) is true)
{
if (!_builtApplication.Properties.ContainsKey(AuthorizationMiddlewareSetKey))
{
diff --git a/src/Security/Authorization/test/AuthorizationMiddlewareTests.cs b/src/Security/Authorization/test/AuthorizationMiddlewareTests.cs
index 15ee3bc641c9..131dfa71caa7 100644
--- a/src/Security/Authorization/test/AuthorizationMiddlewareTests.cs
+++ b/src/Security/Authorization/test/AuthorizationMiddlewareTests.cs
@@ -5,8 +5,11 @@
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization.Policy;
using Microsoft.AspNetCore.Authorization.Test.TestObjects;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
using Moq;
namespace Microsoft.AspNetCore.Authorization.Test;
@@ -658,6 +661,27 @@ public async Task IAuthenticateResultFeature_UsesExistingFeatureAndResult_Withou
Assert.Same(authenticateResult, authenticateResultFeature.AuthenticateResult);
}
+ // Validation for https://github.com/dotnet/aspnetcore/issues/43188
+ [Fact]
+ public async Task WebApplicationBuilder_CanRegisterAuthzMiddlewareWithScopedService()
+ {
+ var builder = WebApplication.CreateBuilder(new WebApplicationOptions()
+ {
+ EnvironmentName = Environments.Development
+ });
+ builder.Services.AddAuthorization();
+ builder.Services.AddScoped();
+ using var app = builder.Build();
+
+ Assert.False(app.Properties.ContainsKey("__AuthenticationMiddlewareSet"));
+ Assert.False(app.Properties.ContainsKey("__AuthorizationMiddlewareSet"));
+
+ await app.StartAsync();
+
+ Assert.False(app.Properties.ContainsKey("__AuthenticationMiddlewareSet"));
+ Assert.True(app.Properties.ContainsKey("__AuthorizationMiddlewareSet"));
+ }
+
private AuthorizationMiddleware CreateMiddleware(RequestDelegate requestDelegate = null, IAuthorizationPolicyProvider policyProvider = null)
{
requestDelegate = requestDelegate ?? ((context) => Task.CompletedTask);
@@ -724,6 +748,11 @@ private HttpContext GetHttpContext(
return httpContext;
}
+ public class TestAuthorizationHandler : IAuthorizationHandler
+ {
+ public Task HandleAsync(AuthorizationHandlerContext context) => Task.CompletedTask;
+ }
+
private class TestRequestDelegate
{
private readonly int _statusCode;
diff --git a/src/Security/Authorization/test/Microsoft.AspNetCore.Authorization.Test.csproj b/src/Security/Authorization/test/Microsoft.AspNetCore.Authorization.Test.csproj
index c89f347b2ab6..11fe6d5589af 100644
--- a/src/Security/Authorization/test/Microsoft.AspNetCore.Authorization.Test.csproj
+++ b/src/Security/Authorization/test/Microsoft.AspNetCore.Authorization.Test.csproj
@@ -5,6 +5,7 @@
+