Fix check for auth services in middleware auto-registration (dotnet#4…

…3205)

src/DefaultBuilder/src/Microsoft.AspNetCore.csproj

@@ -36,6 +36,7 @@
 
   <ItemGroup>
     <InternalsVisibleTo Include="Microsoft.AspNetCore.Authentication.Test" />
+    <InternalsVisibleTo Include="Microsoft.AspNetCore.Authorization.Test" />
   </ItemGroup>
 
 </Project>

src/DefaultBuilder/src/WebApplicationBuilder.cs

@@ -172,7 +172,8 @@ private void ConfigureApplication(WebHostBuilderContext context, IApplicationBui
 
         // Process authorization and authentication middlewares independently to avoid
         // registering middlewares for services that do not exist
-        if (_builtApplication.Services.GetService<IAuthenticationSchemeProvider>() is not null)
+        var serviceProviderIsService = _builtApplication.Services.GetService<IServiceProviderIsService>();
+        if (serviceProviderIsService?.IsService(typeof(IAuthenticationSchemeProvider)) is true)
         {
             // Don't add more than one instance of the middleware
             if (!_builtApplication.Properties.ContainsKey(AuthenticationMiddlewareSetKey))
@@ -184,7 +185,7 @@ private void ConfigureApplication(WebHostBuilderContext context, IApplicationBui
             }
         }
 
-        if (_builtApplication.Services.GetService<IAuthorizationHandlerProvider>() is not null)
+        if (serviceProviderIsService?.IsService(typeof(IAuthorizationHandlerProvider)) is true)
         {
             if (!_builtApplication.Properties.ContainsKey(AuthorizationMiddlewareSetKey))
             {

src/Security/Authorization/test/AuthorizationMiddlewareTests.cs

@@ -5,8 +5,11 @@
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization.Policy;
 using Microsoft.AspNetCore.Authorization.Test.TestObjects;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
 using Moq;
 
 namespace Microsoft.AspNetCore.Authorization.Test;
@@ -658,6 +661,27 @@ public async Task IAuthenticateResultFeature_UsesExistingFeatureAndResult_Withou
         Assert.Same(authenticateResult, authenticateResultFeature.AuthenticateResult);
     }
 
+    // Validation for https://github.com/dotnet/aspnetcore/issues/43188
+    [Fact]
+    public async Task WebApplicationBuilder_CanRegisterAuthzMiddlewareWithScopedService()
+    {
+        var builder = WebApplication.CreateBuilder(new WebApplicationOptions()
+        {
+            EnvironmentName = Environments.Development
+        });
+        builder.Services.AddAuthorization();
+        builder.Services.AddScoped<IAuthorizationHandler, TestAuthorizationHandler>();
+        using var app = builder.Build();
+
+        Assert.False(app.Properties.ContainsKey("__AuthenticationMiddlewareSet"));
+        Assert.False(app.Properties.ContainsKey("__AuthorizationMiddlewareSet"));
+
+        await app.StartAsync();
+
+        Assert.False(app.Properties.ContainsKey("__AuthenticationMiddlewareSet"));
+        Assert.True(app.Properties.ContainsKey("__AuthorizationMiddlewareSet"));
+    }
+
     private AuthorizationMiddleware CreateMiddleware(RequestDelegate requestDelegate = null, IAuthorizationPolicyProvider policyProvider = null)
     {
         requestDelegate = requestDelegate ?? ((context) => Task.CompletedTask);
@@ -724,6 +748,11 @@ private HttpContext GetHttpContext(
         return httpContext;
     }
 
+    public class TestAuthorizationHandler : IAuthorizationHandler
+    {
+        public Task HandleAsync(AuthorizationHandlerContext context) => Task.CompletedTask;
+    }
+
     private class TestRequestDelegate
     {
         private readonly int _statusCode;

src/Security/Authorization/test/Microsoft.AspNetCore.Authorization.Test.csproj

@@ -5,6 +5,7 @@
   </PropertyGroup>
 
   <ItemGroup>
+    <Reference Include="Microsoft.AspNetCore" />
     <Reference Include="Microsoft.AspNetCore.Authorization" />
     <Reference Include="Microsoft.AspNetCore.Authorization.Policy" />
     <Reference Include="Microsoft.AspNetCore.Http" />