Good day everyone,

I am building a Custom Authorization handler. Within the handler, there is a context value that I need to handle.
This value is data protected via IDataProtector.

This works fine throughout my application, but I'm having trouble adding this capability to my custom handler, thus I am unable to Unprotect my context value.

Here is how I successfully implemented data protection in my controllers:
Code:
public class FlowerController(IDataProtectionProvider dataProtectionProvider)
{
    private readonly IDataProtector _dataProtector = dataProtectionProvider.CreateProtector("Petunias");
    public IActionResult Index(string id)
    {
        if (id != null)
        {
            string unprotectedString;
            try
            {
                unprotectedString = _dataProtector.Unprotect(id);


            }
        }
    }
}
The above code works without a hitch.

Here is what I built for CustomAuthorization:
Code:
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]
public sealed class CustomAuthorizeAttribute : Attribute, IAsyncAuthorizationFilter
{
    private readonly string _roleName;

    public CustomAuthorizeAttribute(string RoleName)
    {
        _roleName = RoleName; 
    }

    public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
    {
        var user = context.HttpContext.User; //get user
        var entityID = context.RouteData.Values["id"].ToString(); // get id

        //do something
        var isAuthorized = true;
        
        if (!isAuthorized)
        {
            context.Result = new ForbidResult();
            return;
        }
    }
}
The implementation within my controller:
Code:
[CustomAuthorize(RoleName: "Gardener, Pruner")]
public IActionResult Edit(string id)
{
    // controller stuff
}

Now, here is my attempt at implementing a CustomAuthorization handler that employs Dataprotection:
Code:
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]
public sealed class CustomAuthorizeAttribute : Attribute, IAsyncAuthorizationFilter
{
    private readonly string _roleName;
    private readonly IDataProtector _dataProtector;


    public CustomAuthorizeAttribute(string RoleName, IDataProtectionProvider dataProtectionProvider)
    {
        _roleName = RoleName;
        _dataProtector = dataProtectionProvider.CreateProtector("Petunias");   
    }

    public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
    {
        var user = context.HttpContext.User; //get user
        var entityID = context.RouteData.Values["id"].ToString(); //get id (protected)
        var unprotectedText = _dataProtector.Unprotect(entityID); //unprotect id

        //do something
        var isAuthorized = true;

        if (!isAuthorized)
        {
            context.Result = new ForbidResult();
            return;
        }
    }
}

In my controller, there is an error being thrown by the custom authorization tag that an argument is missing (There is no argument given that corresponds
to the required parameter 'dataProtectionProvider' of 'CustomAuthorizeAttribute.CustomAuthorizeAttribute(string, IDataProtectionProvider)'

How can I inject the Data Protection service into my handler without having to pass the argument from my Controller? Or, if I have to, the solution to my error message.

Thanks,
HM