Allow setting custom/fallback policies in the authorization block

PropelAuth/PropelAuthExtensions.cs

@@ -165,7 +165,14 @@ private static void ConfigureAuthentication(IServiceCollection services, PropelA
                     });
             }
 
-            services.AddAuthorization();
+            if (options.ConfigureAuthorization != null)
+            {
+                services.AddAuthorization(options.ConfigureAuthorization);
+            }
+            else
+            {
+                services.AddAuthorization();
+            }
         }
 
         /// <summary>

PropelAuth/PropelAuthOptions.cs

@@ -1,3 +1,5 @@
+using Microsoft.AspNetCore.Authorization;
+
 namespace PropelAuth.Models
 {
     /// <summary>
@@ -30,6 +32,11 @@
         /// </summary>
         public OAuthOptions? OAuthOptions { get; }
 
+        /// <summary>
+        /// Gets the action to configure authorization options including custom policies.
+        /// </summary>
+        public Action<AuthorizationOptions>? ConfigureAuthorization { get; }
+
         #endregion
 
         #region Constructors
@@ -41,22 +48,24 @@
         /// <param name="apiKey">The API key used for authenticating requests to PropelAuth.</param>
         /// <param name="publicKey">Optional. The public key used for token verification.</param>
         /// <param name="oAuthOptions">Optional. The OAuth options if you are using PropelAuth's OAuth feature.</param>
+        /// <param name="configureAuthorization">Optional. Action to configure authorization options including custom policies.</param>
         public PropelAuthOptions(string authUrl, string apiKey, string? publicKey = null,
-            OAuthOptions? oAuthOptions = null)
+            OAuthOptions? oAuthOptions = null, Action<AuthorizationOptions>? configureAuthorization = null)
         {
             AuthUrl = authUrl;
             ApiKey = apiKey;
             PublicKey = publicKey;
             OAuthOptions = oAuthOptions;
+            ConfigureAuthorization = configureAuthorization;
         }
 
         #endregion
     }
 
     public class OAuthOptions
     {
         #region Properties
-        
+
         /// <summary>
         /// The client ID for the OAuth application.
         /// </summary>
@@ -71,24 +80,25 @@
         /// The callback path for the OAuth application. Defaults to "/callback"
         /// </summary>
         public string? CallbackPath { get; }
-        
+
         /// <summary>
         /// Whether to allow requests via an authorization header `Bearer {TOKEN}`. Default false.
         /// </summary>
         public bool? AllowBearerTokenAuth { get; }
-        
+
         #endregion
 
         #region Constructor
-        
+
         /// <summary>
         /// Initializes a new instance of the <see cref="OAuthOptions"/> class.
         /// </summary>
         /// <param name="clientId">The client ID for the OAuth application.</param>
         /// <param name="clientSecret">The client secret for the OAuth application.</param>
         /// <param name="callbackPath">Optional. The callback path for the OAuth application. Defaults to "/callback"</param>
         /// <param name="allowBearerTokenAuth">Optional. Whether to allow requests via an authorization header `Bearer {TOKEN}`. Default false.</param>
-        public OAuthOptions(string clientId, string clientSecret, string? callbackPath = "/callback", bool? allowBearerTokenAuth = false)
+        public OAuthOptions(string clientId, string clientSecret, string? callbackPath = "/callback",
+            bool? allowBearerTokenAuth = false)
         {
             ClientId = clientId;
             ClientSecret = clientSecret;
@@ -97,6 +107,5 @@
         }
 
         #endregion
-
     }
 }