How to get request die cookies in Web-API Autorisierungs-Attribut?

In .NET gibt es zwei AuthorizeAttribute Klassen. Definiert man in System.Web.Http namespace:

namespace System.Web.Http
{
    //Summary:
    //    Specifies the authorization filter that verifies the request's System.Security.Principal.IPrincipal.
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
    public class AuthorizeAttribute : AuthorizationFilterAttribute
    {
        //Summary:
        //    Initializes a new instance of the System.Web.Http.AuthorizeAttribute class.
        public AuthorizeAttribute();

        //Summary:
        //    Gets or sets the authorized roles.
        //
        //Returns:
        //    The roles string.
        public string Roles { get; set; }
        //
        //Summary:
        //    Gets a unique identifier for this attribute.
        //
        //Returns:
        //    A unique identifier for this attribute.
        public override object TypeId { get; }
        //
        //Summary:
        //    Gets or sets the authorized users.
        //
        //Returns:
        //    The users string.
        public string Users { get; set; }

        //Summary:
        //    Processes requests that fail authorization.
        //
        //Parameters:
        //  actionContext:
        //    The context.
        protected virtual void HandleUnauthorizedRequest(HttpActionContext actionContext);
        //
        //Summary:
        //    Indicates whether the specified control is authorized.
        //
        //Parameters:
        //  actionContext:
        //    The context.
        //
        //Returns:
        //    true if the control is authorized; otherwise, false.
        protected virtual bool IsAuthorized(HttpActionContext actionContext);
        //
        //Summary:
        //    Calls when an action is being authorized.
        //
        //Parameters:
        //  actionContext:
        //    The context.
        //
        //Exceptions:
        //  System.ArgumentNullException:
        //    The context parameter is null.
        public override void OnAuthorization(HttpActionContext actionContext);
    }
}

Anderen definiert in System.Web.Mvc namespace:

namespace System.Web.Mvc
{
    //Summary:
    //    Specifies that access to a controller or action method is restricted to users
    //    who meet the authorization requirement.
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
    public class AuthorizeAttribute : FilterAttribute, IAuthorizationFilter
    {
        //Summary:
        //    Initializes a new instance of the System.Web.Mvc.AuthorizeAttribute class.
        public AuthorizeAttribute();

        //Summary:
        //    Gets or sets the user roles that are authorized to access the controller
        //    or action method.
        //
        //Returns:
        //    The user roles that are authorized to access the controller or action method.
        public string Roles { get; set; }
        //
        //Summary:
        //    Gets the unique identifier for this attribute.
        //
        //Returns:
        //    The unique identifier for this attribute.
        public override object TypeId { get; }
        //
        //Summary:
        //    Gets or sets the users that are authorized to access the controller or action
        //    method.
        //
        //Returns:
        //    The users that are authorized to access the controller or action method.
        public string Users { get; set; }

        //Summary:
        //    When overridden, provides an entry point for custom authorization checks.
        //
        //Parameters:
        //  httpContext:
        //    The HTTP context, which encapsulates all HTTP-specific information about
        //    an individual HTTP request.
        //
        //Returns:
        //    true if the user is authorized; otherwise, false.
        //
        //Exceptions:
        //  System.ArgumentNullException:
        //    The httpContext parameter is null.
        protected virtual bool AuthorizeCore(HttpContextBase httpContext);
        //
        //Summary:
        //    Processes HTTP requests that fail authorization.
        //
        //Parameters:
        //  filterContext:
        //    Encapsulates the information for using System.Web.Mvc.AuthorizeAttribute.
        //    The filterContext object contains the controller, HTTP context, request context,
        //    action result, and route data.
        protected virtual void HandleUnauthorizedRequest(AuthorizationContext filterContext);
        //
        //Summary:
        //    Called when a process requests authorization.
        //
        //Parameters:
        //  filterContext:
        //    The filter context, which encapsulates information for using System.Web.Mvc.AuthorizeAttribute.
        //
        //Exceptions:
        //  System.ArgumentNullException:
        //    The filterContext parameter is null.
        public virtual void OnAuthorization(AuthorizationContext filterContext);
        //
        //Summary:
        //    Called when the caching module requests authorization.
        //
        //Parameters:
        //  httpContext:
        //    The HTTP context, which encapsulates all HTTP-specific information about
        //    an individual HTTP request.
        //
        //Returns:
        //    A reference to the validation status.
        //
        //Exceptions:
        //  System.ArgumentNullException:
        //    The httpContext parameter is null.
        protected virtual HttpValidationStatus OnCacheAuthorization(HttpContextBase httpContext);
    }
}

Wichtigsten Unterschiede zwischen diesen beiden sind:

  • System.Web.Http version kann verwendet werden, die von Web API
  • System.Web.Mvc version verwendet werden kann ASP.NET MVC
  • Http version verwenden HttpActionContext parameter Typ in OnAuthorization Methode, wenn Mvc version verwenden AuthorizationContext geben.

Möchte ich Antrag auf Zugang cookies in Http version von AuthorizeAttribute. In Mvc - version ist es wie folgt implementiert:

public class Foo : AuthorizeAttribute
{
     public override void OnAuthorization(AuthorizationContext filterContext) 
     {
          HttpCookie cookie = filterContext.HttpContext.Request.Cookies.Get("Bar");    
     }
}

Weiß jemand, wie kann ich das gleiche tun mit HttpActionContext? Ist es überhaupt möglich? Wenn es nicht möglich ist - warum ist es so?

InformationsquelleAutor Landeeyo | 2016-07-19

  1. 10
    public class Foo : AuthorizeAttribute
{

    public override void OnAuthorization(HttpActionContext actionContext)
    {
        var cookie = actionContext.Request.Headers.GetCookies("Bar").FirstOrDefault();
    }
}
    Nicht genau, aber nahe genug ;).
    do you mind posting die Lösung dann?
    Soweit ich mich erinnere-es ist alles über das surfen in einem debugger Ergebnis GetCookies Methode ausgeführt, ohne irgendwelche Argumente. Es sollte ein paar arrays, und es ist relativ einfach, um es herauszufinden, wie man die cookies.
    Ich denke, das fehlende Stück ist das: wenn zum Beispiel Ihre cookie hat einen username= " myUserName so müssten Sie hinzufügen, um eine Zeile nach was Prasanjit schrieb - string username = cookie.Cookies.Where(c => c.Name == "username").FirstOrDefault().Value; zu extrahieren myUserName
    var cookie = actionContext.Request.Headers.GetCookies("Bar").FirstOrDefault()?["Bar"];

    InformationsquelleAutor Prasanjit

  2. 2

    GetCookies zurückgibt, Sammlung von cookieS dann werden Sie brauchen, um Cookies, die Sie benötigen. 

    public class Foo : AuthorizeAttribute
{

      public override void OnAuthorization(HttpActionContext actionContext)
      {
           var cookies = actionContext.Request.Headers.GetCookies("Bar").FirstOrDefault();

           var cookie = cookies["Bar"];
      }
}
    Was ist der Grund dafür, dass Sie angeben müssen, "Bar" zweimal?

    InformationsquelleAutor Farukh

  3. 1
    string sessionId = "";

CookieHeaderValue cookie = Request.Headers.GetCookies("bar").FirstOrDefault();
if (cookie != null)
{
    sessionId = cookie["bar"].Value;
}
    Was ist der Grund dafür, dass Sie angeben müssen, "Bar" zweimal?

    InformationsquelleAutor SharpCoder

Schreibe einen Kommentar