How to add custom authorization in .NET 5



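I have an ASP.NET Core MVC application using .NET 5. Only authenticated users are allowed to access the application. The authorization policy below takes care of that.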

    using System.Security.Claims;
    using Microsoft.AspNetCore.Authorization;
    using Microsoft.AspNetCore.Mvc.Authorization;

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddControllersWithViews(options =>
        {
            // Global policy: every request must be authenticated and carry these claims.
            var authorizationPolicy = new AuthorizationPolicyBuilder()
                .RequireClaim(ClaimTypes.Email)
                .RequireClaim(ClaimTypes.NameIdentifier)
                .RequireClaim(ClaimTypes.Name)
                .RequireClaim(IdentityClaimTypes.IdToken)
                .RequireAuthenticatedUser()
                .Build();
            options.Filters.Add(new AuthorizeFilter(authorizationPolicy));
        });
    }

The controllers also use an AuthorizeRoles attribute to check role-based access.

    public class AuthorizeRolesAttribute : AuthorizeAttribute
    {
        public AuthorizeRolesAttribute(params string[] roles) : base()
        {
            if (roles.Length > 0)
            {
                Roles = string.Join(",", roles);
            }
        }
    }

    [AuthorizeRoles("ClientAdmin")]
    public class WorkItemClientsController : BaseController
    {
        private readonly IClientWorkItemService _clientWorkItemService;

        public WorkItemClientsController(IClientWorkItemService clientWorkItemService)
        {
            _clientWorkItemService = clientWorkItemService;
        }

        [HttpGet]
        [Route("workitems/{workItemID}/clients")]
        public async Task<ActionResult> Index([FromRoute(Name = "workItemID")] int workItemID)
        {

        }
    }

The application has a few actions that need further authorization based on the user's data in the database. I have the following:

    public class WorkItemRequirement : IAuthorizationRequirement
    {
    }

    public class WorkItemAuthorizationHandler : AuthorizationHandler<WorkItemRequirement>
    {
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, WorkItemRequirement requirement)
        {
            // check if logged in user can access this route based on workitemid from the route,
            // if true then return context.Succeed(requirement);
        }
    }

    public class WorkItemAuthorizeAttribute : AuthorizeAttribute
    {
        public WorkItemAuthorizeAttribute()
        {
            Policy = "WorkItemPolicy";
        }
    }

I will add WorkItemAuthorizeAttribute to the action methods that require it.

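What I am missing here is how WorkItemAuthorizeAttribute will know which handler to invoke. In this case it is WorkItemAuthorizationHandler.
What do I need to change/add in the AuthorizationPolicyBuilder in startup.cs to make this association?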

Pretty much everything can be found in the official documentation here. Basically, as you said, you need to modify your policy to include your WorkItemRequirement:

    .Requirements.Add(new WorkItemRequirement());

This will "glue" the Policy in the attribute together with the AuthorizationHandler.
