This is inherently bad design. Someone decided that these methods should be named "Async", and return a Task, but if you dare actually writing these as async, then the whole thing falls apart.

These should not have been async in their signature, to signal that the only way these handlers work is if you do not use continuations. This is the exact opposite of "pit of success", someone made an API that makes the incorrect usage the obvious one.

Document Details

⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.

• ID: b1141d92-adeb-6841-229f-914c808f9a2b
• Version Independent ID: 7089b376-949f-c1c6-c37a-5d8cc7ecf104
• Content: Policy-based authorization in ASP.NET Core
• Content Source: aspnetcore/security/authorization/policies.md
• Product: aspnet-core
• Technology: aspnetcore-security
• GitHub Login: @Rick-Anderson
• Microsoft Alias: riande