c# - WebApi serialize object from HttpActionContext -


edit: changed approach. using messagehandlers. raciel, pointed direction dig.

these links useful me: messagehandlers overview using own principal classes


i have webapi project , need provide custom authorization it. special token object added each request frontend. that:

sendapirequest: function (controller, action, data, successcallback, failurecallback) {     var url = router.getapiurl(controller, action);      data.token = token;      jquery.ajax({         type: 'post',         datatype: 'json',         url: url,         data: data,         success: function (result) {             if (typeof successcallback == 'function') {                 successcallback(result);             }         },         error: function (result) {             if (typeof failurecallback == 'function') {                 failurecallback(result);             }         }     });} 

i have authorizationattribute , somehow need serialize token object request. cannot find automatic way that.

public class customauthorizationattribute : authorizeattribute {     public override void onauthorization(httpactioncontext context)     {         usertoken token = null;          //how serialize token object context?      } } 

usertoken class looks that:

public class usertoken {     public int64 tokenid;     public int userid;     public string tokenvalue;     public string ip;     public string hash;      public datetime createdon;     public datetime actionon; } 

so question is: how serialize custom object httpactioncontext?

thank you.

this have done when i'm dealing cases similar yours.

instead of creating own authorize attribute, can create messagehandler checks token , validates on every request. message handler responsible populating principal in current thread, authorize attribute can work expected allowing authorized clients access controller/action in question.

this how authorization message handler looks like:

public class authmessagehandler : delegatinghandler {     protected itokenprovider tokenprovider { get; private set; }     protected iprincipalprovider principalprovider { get; private set; }      public authmessagehandler(itokenprovider tokenprovider, iprincipalprovider principalprovider)     {         tokenprovider = tokenprovider;         principalprovider = principalprovider;     }       protected override task<httpresponsemessage> sendasync(httprequestmessage request, cancellationtoken cancellationtoken)     {         identity identity = null;         string token = extracttoken(request);          if (token != null && tokenprovider.verify(token, out identity))         {             request.properties.add(constants.identitykey, identity);             var principal = principalprovider.createprincipal(identity);             thread.currentprincipal = principal;             httpcontext.current.user = principal;         }          return base.sendasync(request, cancellationtoken);     }       private string extracttoken(httprequestmessage request)     {         ienumerable<string> tokenvalues = null;         if (request.headers.trygetvalues(constants.tokenheaderkey, out tokenvalues))             return tokenvalues.first();          return null;     } } 

please note:

  1. both tokenprovider , principalprovider injected here. first in charge of validating token , if valid, return identity data available across request.
  2. the iprincipal provider creates genericprincipal assigned thread.currentprincipal , context user (httpcontext.current.user). ensures authorize attribute works later, when checks isauthenticated in current principal.
  3. in case, i'm passing token information in headers, prefer. (you might need authorize requests too)
  4. if need pass data message handler controller, use request.properties, why i'm putting identity information there request.properties.add(constants.identitykey, identity); available controller. there several ways can achieve this, dictionary pretty cheap transport type of data.

please let me know if have questions. simpler looks.


Comments

Popular posts from this blog

Detect support for Shoutcast ICY MP3 without navigator.userAgent in Firefox? -

web - SVG not rendering properly in Firefox -

java - JavaFX 2 slider labelFormatter not being used -