Apply API feedback for authorization failure (#35620)

Author: Kahbazi

src/Security/Authorization/Core/src/AuthorizationFailure.cs

@@ -27,7 +27,7 @@ private AuthorizationFailure() { }
         /// <summary>
         /// Allows <see cref="IAuthorizationHandler"/> to flow more detailed reasons for why authorization failed.
         /// </summary>
-        public IEnumerable<AuthorizationFailureReason> Reasons { get; private set; } = Array.Empty<AuthorizationFailureReason>();
+        public IEnumerable<AuthorizationFailureReason> FailureReasons { get; private set; } = Array.Empty<AuthorizationFailureReason>();
 
         /// <summary>
         /// Return a failure due to <see cref="AuthorizationHandlerContext.Fail()"/> being called.
@@ -47,7 +47,7 @@ public static AuthorizationFailure Failed(IEnumerable<AuthorizationFailureReason
             => new AuthorizationFailure
             {
                 FailCalled = true,
-                Reasons = reasons
+                FailureReasons = reasons
             };
 
         /// <summary>

src/Security/Authorization/Core/src/AuthorizationFailureReason.cs

@@ -22,11 +22,11 @@ public AuthorizationFailureReason(IAuthorizationHandler handler, string message)
         /// <summary>
         /// A message describing the failure reason.
         /// </summary>
-        public string Message { get; set; }
+        public string Message { get; }
 
         /// <summary>
         /// The <see cref="IAuthorizationHandler"/> responsible for this failure reason.
         /// </summary>
-        public IAuthorizationHandler Handler { get; set; }
+        public IAuthorizationHandler Handler { get; }
     }
 }

src/Security/Authorization/Core/src/PublicAPI.Unshipped.txt

@@ -1,12 +1,10 @@
 #nullable enable
 *REMOVED*static Microsoft.AspNetCore.Authorization.AuthorizationServiceExtensions.AuthorizeAsync(this Microsoft.AspNetCore.Authorization.IAuthorizationService! service, System.Security.Claims.ClaimsPrincipal! user, object! resource, Microsoft.AspNetCore.Authorization.IAuthorizationRequirement! requirement) -> System.Threading.Tasks.Task<Microsoft.AspNetCore.Authorization.AuthorizationResult!>!
-Microsoft.AspNetCore.Authorization.AuthorizationFailure.Reasons.get -> System.Collections.Generic.IEnumerable<Microsoft.AspNetCore.Authorization.AuthorizationFailureReason!>!
+Microsoft.AspNetCore.Authorization.AuthorizationFailure.FailureReasons.get -> System.Collections.Generic.IEnumerable<Microsoft.AspNetCore.Authorization.AuthorizationFailureReason!>!
 Microsoft.AspNetCore.Authorization.AuthorizationFailureReason
 Microsoft.AspNetCore.Authorization.AuthorizationFailureReason.AuthorizationFailureReason(Microsoft.AspNetCore.Authorization.IAuthorizationHandler! handler, string! message) -> void
 Microsoft.AspNetCore.Authorization.AuthorizationFailureReason.Handler.get -> Microsoft.AspNetCore.Authorization.IAuthorizationHandler!
-Microsoft.AspNetCore.Authorization.AuthorizationFailureReason.Handler.set -> void
 Microsoft.AspNetCore.Authorization.AuthorizationFailureReason.Message.get -> string!
-Microsoft.AspNetCore.Authorization.AuthorizationFailureReason.Message.set -> void
 static Microsoft.AspNetCore.Authorization.AuthorizationFailure.Failed(System.Collections.Generic.IEnumerable<Microsoft.AspNetCore.Authorization.AuthorizationFailureReason!>! reasons) -> Microsoft.AspNetCore.Authorization.AuthorizationFailure!
 static Microsoft.AspNetCore.Authorization.AuthorizationServiceExtensions.AuthorizeAsync(this Microsoft.AspNetCore.Authorization.IAuthorizationService! service, System.Security.Claims.ClaimsPrincipal! user, object? resource, Microsoft.AspNetCore.Authorization.IAuthorizationRequirement! requirement) -> System.Threading.Tasks.Task<Microsoft.AspNetCore.Authorization.AuthorizationResult!>!
 virtual Microsoft.AspNetCore.Authorization.AuthorizationHandlerContext.Fail(Microsoft.AspNetCore.Authorization.AuthorizationFailureReason! reason) -> void

src/Security/Authorization/test/DefaultAuthorizationServiceTests.cs

@@ -213,11 +213,11 @@ public async Task CanFailWithReasons()
             // Assert
             Assert.False(allowed.Succeeded);
             Assert.NotNull(allowed.Failure);
-            Assert.Equal(2, allowed.Failure.Reasons.Count());
-            var first = allowed.Failure.Reasons.First();
+            Assert.Equal(2, allowed.Failure.FailureReasons.Count());
+            var first = allowed.Failure.FailureReasons.First();
             Assert.Equal("1", first.Message);
             Assert.Equal(handler1, first.Handler);
-            var second = allowed.Failure.Reasons.Last();
+            var second = allowed.Failure.FailureReasons.Last();
             Assert.Equal("3", second.Message);
             Assert.Equal(handler3, second.Handler);
         }

src/Security/samples/CustomAuthorizationFailureResponse/Authorization/SampleAuthorizationMiddlewareResultHandler.cs

@@ -31,9 +31,9 @@ public async Task HandleAsync(
             // if the authorization was forbidden, let's use custom logic to handle that.
             if (policyAuthorizationResult.Forbidden && policyAuthorizationResult.AuthorizationFailure != null)
             {
-                if (policyAuthorizationResult.AuthorizationFailure.Reasons.Any())
+                if (policyAuthorizationResult.AuthorizationFailure.FailureReasons.Any())
                 {
-                    await httpContext.Response.WriteAsync(policyAuthorizationResult.AuthorizationFailure.Reasons.First().Message);
+                    await httpContext.Response.WriteAsync(policyAuthorizationResult.AuthorizationFailure.FailureReasons.First().Message);
 
                     // return right away as the default implementation would overwrite the status code
                     return;