What is the proper way of getting the HTTP request method in an AuthorizationHandler?

Question

Simplified version of what I\'m trying to do: I want to write an authorization policy that will block requests that aren\'t GET if a flag is set in the database. I registered my