Enforcer provides the following categories of Oasis attributes accessible from ALFA. These attributes can be used as part of an expression inside a policy.
To make use of these attributes from inside an ALFA file, use the appropriate import statement:
import Oasis.Attributes
import Enforcer.Attributes
These attributes and their properties are also available in .Net code under the Rsk.Enforcer namespace.
Http Attributes
These attributes are defined for use with the Rsk.Enforcer.AspNet package, provided with the HttpRequestAttributeValueProvider. See Protecting Controller Actions for guidance on usage.
Categories for these attributes are defined as:
category httpCat = "urn:rsk:names:enforcer:1.1:attribute-catergory:http-request"
category httpHeaderCat = "urn:rsk:names:enforcer:1.1:attribute-catergory:http-header"
category httpQueryParameterCat = "urn:rsk:names:enforcer:1.1:attribute-catergory:http-request-query"
Verb
Namespace : Enforcer.Attributes.Http
attribute Verb
{
id = "verb"
category = httpCat
type = string
}
Returns the verb used for the HTTP request, eg. GET, POST, PUT, etc.
URL
Namespace : Enforcer.Attributes.Http
attribute Url
{
id = "url"
category = httpCat
type = string
}
Returns the full URL of the request. Any URL encoding will be preserved.
Scheme
Namespace : Enforcer.Attributes.Http
attribute Scheme
{
id = "scheme"
category = httpCat
type = string
}
The scheme of the request, eg. https in https://identityserver.com/Enforcer.
Host
Namespace : Enforcer.Attributes.Http
attribute Host
{
id = "host"
category = httpCat
type = string
}
The host, eg. identityserver.com in https://identityserver.com/Enforcer.
Path
Namespace : Enforcer.Attributes.Http
attribute Path
{
id = "path"
category = httpCat
type = string
}
The request path, eg. documentation/enforcer in https://www.identityserver.com/documentation/enforcer/. Any URL encoding will be preserved.
Query
Namespace : Enforcer.Attributes.Http
attribute Query
{
id = "query"
category = httpCat
type = string
}
The full query string for the request, eg. product=Enforcer in https://shop.identityserver.com?product=Enforcer. Any URL encoding will be preserved.
Port
Namespace : Enforcer.Attributes.Http
attribute Port
{
id = "port"
category = httpCat
type = integer
}
The port used for the request, eg. 80 (HTTP), 443 (HTTPS).
Http Header
HTTP headers can be selected by name by defining attributes with the following format:
import Enforcer.Attributes
attribute <HeaderAlfaName>
{
id = "<HeaderName>"
category = httpHeaderCat
type = string
}
Where <HeaderAlfaName> and <HeaderName> are user-defined. <HeaderName> is case-sensitive.
Http Header Example
The following ALFA definition selects the values of the Content-Type header from a request.
import Enforcer.Attributes
attribute ContentType
{
id = "Content-Type"
type = string
category = httpHeaderCat
}
Query String Parameters
HTTP query string parameters can be selected by name by defining attributes with the following format:
import Enforcer.Attributes
attribute <ParameterAlfaName>
{
id = "<ParameterName>"
category = httpQueryParameterCat
type = string
}
Where <ParameterAlfaName> and <ParameterName> are user-defined. <ParameterName> is case-sensitive and URL encoding will be decoded.
Query String Example
The following ALFA definition selects the value of the product query string parameter from the request https://shop.identityserver.com?product=Enforcer.
import Enforcer.Attributes
attribute Product
{
id = "product"
type = string
category = httpQueryParameterCat
}