PermissionServer is a library that provides authorization attributes exactly like vanilla ASP.NET, but with support for remote authorization and finely-grained permissions to avoid storing authorization information in a JWT.
Check out the demo to see PermissionServer in action.
See the wiki for a quick start and full documentation.
If you feel anything is lacking or there are features you'd need before adoption, feel free to open an issue after combing the roadmap.