I don’t know if you ever found a solution, but I’m trying to do something similar and I’m still putting the pieces of the puzzle together. I had tried to post this as a comment instead of an answer, as I do not provide a real solution, but it’s too long. Apparently all of the … Read more
You may need to change your Web API a bit. I met the same kind of problem and wrote a post about how to fix this issue. I used Sinatra for the API, I don’t know what language you are using for your webservices but I guess you can apply it. Basically, you need to … Read more
Abstract out your error handling logic from Application_Error into its own function. Create a Web API exception filter. //register your filter with Web API pipeline //this belongs in the Application_Start event in Global Application Handler class (global.asax) //or some other location that runs on startup GlobalConfiguration.Configuration.Filters.Add(new LogExceptionFilterAttribute()); //Create filter public class LogExceptionFilterAttribute : ExceptionFilterAttribute { … Read more
Not only do you have to have the call to routes.MapMvcAttributeRoutes() in your App_Start\RouteConfig.cs file, it must appear before defining your default route! I add it before that and after ignoring {resource}.axd{*pathInfo}. Just found that out trying to get attribute routing to work correctly with my MVC 5 website. public static void RegisterRoutes(RouteCollection routes) { … Read more
JWT (RFC7519) is just a compact way to safely transmit claims from an issuer to the audience over HTTP. JWT can be: signed (JWS – RFC7515) encrypted (JWE – RFC7516) signed then encrypted (this order is highly recommended). The whole JWS is the payload of the JWE encrypted then signed. It makes sense to encrypt … Read more
You should be able to get user id on both MVC controller and web api controller by same extension method in identity 1.0 RTW package. Here is the extensions from identity package: namespace Microsoft.AspNet.Identity { public static class IdentityExtensions { public static string FindFirstValue(this ClaimsIdentity identity, string claimType); public static string GetUserId(this IIdentity identity); public … Read more
Some things to note here: Filters get executed in the following order for an action: Globally Defined Filters -> Controller-specific Filters -> Action-specific Filters. Authorization Filters -> Action Filters -> Exception Filters Now the problem that you seem to mention is related to having multiple filters of the same kind (ex: Multiple ActionFilterAttribute decorated on … Read more
If I understand correctly then you are asking specific to asp.net core. In ASP.net core HttpResponseMessage is not a way to return result the way we used to do in ASP.net web api 2. In asp.net core ( WEB API ) simply look like this. [HttpGet] public IActionResult Get() { Byte[] b = System.IO.File.ReadAllBytes(@”E:\\Test.jpg”); // … Read more
In the AuthorizeAttribute there is the following code: private static bool SkipAuthorization(HttpActionContext actionContext) { Contract.Assert(actionContext != null); return actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any() || actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any(); } Include this method in your AuthorizeAttribute class then add the following to the top of your OnAuthorization method to skip authorization if any AllowAnonymous attributes are found: if (SkipAuthorization(actionContext)) return;
The generic HttpRequestMessage<T> has been removed. This : new HttpRequestMessage<Widget>(widget) will no longer work. Instead, from this post, the ASP.NET team has included some new calls to support this functionality: HttpClient.PostAsJsonAsync<T>(T value) sends “application/json” HttpClient.PostAsXmlAsync<T>(T value) sends “application/xml” So, the new code (from dunston) becomes: Widget widget = new Widget() widget.Name = “test” widget.Price = … Read more