Add UseAuthorization options overload

Author: JamesNK

src/Microsoft.AspNetCore.Authorization.Policy/AuthorizationAppBuilderExtensions.cs

@@ -3,6 +3,7 @@
 
 using System;
 using Microsoft.AspNetCore.Authorization;
+using Microsoft.Extensions.Options;
 
 namespace Microsoft.AspNetCore.Builder
 {
@@ -17,5 +18,20 @@ public static IApplicationBuilder UseAuthorization(this IApplicationBuilder app)
 
  return app.UseMiddleware<AuthorizationMiddleware>();
  }
+
+ public static IApplicationBuilder UseAuthorization(this IApplicationBuilder app, AuthorizationOptions options)
+ {
+ if (app == null)
+ {
+ throw new ArgumentNullException(nameof(app));
+ }
+
+ if (options == null)
+ {
+ throw new ArgumentNullException(nameof(options));
+ }
+
+ return app.UseMiddleware<AuthorizationMiddleware>(new DefaultAuthorizationPolicyProvider(Options.Create(options)));
+ }
  }
 }

src/Microsoft.AspNetCore.Authorization.Policy/AuthorizationMiddleware.cs

@@ -40,8 +40,6 @@ public async Task Invoke(HttpContext context)
  throw new ArgumentNullException(nameof(context));
  }
 
- var policyEvaluator = context.RequestServices.GetRequiredService<IPolicyEvaluator>();
-
  var endpoint = context.Features.Get<IEndpointFeature>()?.Endpoint;
  var authorizeData = endpoint?.Metadata.GetOrderedMetadata<IAuthorizeData>() ?? Array.Empty<IAuthorizeData>();
  var policy = await AuthorizationPolicy.CombineAsync(_policyProvider, authorizeData);
@@ -51,6 +49,8 @@ public async Task Invoke(HttpContext context)
  return;
  }
 
+ var policyEvaluator = context.RequestServices.GetRequiredService<IPolicyEvaluator>();
+
  var authenticateResult = await policyEvaluator.AuthenticateAsync(policy, context);
 
  // Allow Anonymous skips all authorization