本文介绍了如何在Web API授权属性中获取请求cookie?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
.NET中有两个AuthorizeAttribute
类.在System.Web.Http
命名空间中定义的一个:
In .NET there are two AuthorizeAttribute
classes. One defined in System.Web.Http
namespace:
namespace System.Web.Http
{
// Summary:
// Specifies the authorization filter that verifies the request's System.Security.Principal.IPrincipal.
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
public class AuthorizeAttribute : AuthorizationFilterAttribute
{
// Summary:
// Initializes a new instance of the System.Web.Http.AuthorizeAttribute class.
public AuthorizeAttribute();
// Summary:
// Gets or sets the authorized roles.
//
// Returns:
// The roles string.
public string Roles { get; set; }
//
// Summary:
// Gets a unique identifier for this attribute.
//
// Returns:
// A unique identifier for this attribute.
public override object TypeId { get; }
//
// Summary:
// Gets or sets the authorized users.
//
// Returns:
// The users string.
public string Users { get; set; }
// Summary:
// Processes requests that fail authorization.
//
// Parameters:
// actionContext:
// The context.
protected virtual void HandleUnauthorizedRequest(HttpActionContext actionContext);
//
// Summary:
// Indicates whether the specified control is authorized.
//
// Parameters:
// actionContext:
// The context.
//
// Returns:
// true if the control is authorized; otherwise, false.
protected virtual bool IsAuthorized(HttpActionContext actionContext);
//
// Summary:
// Calls when an action is being authorized.
//
// Parameters:
// actionContext:
// The context.
//
// Exceptions:
// System.ArgumentNullException:
// The context parameter is null.
public override void OnAuthorization(HttpActionContext actionContext);
}
}
在System.Web.Mvc
命名空间中定义的另一个:
Another defined in System.Web.Mvc
namespace:
namespace System.Web.Mvc
{
// Summary:
// Specifies that access to a controller or action method is restricted to users
// who meet the authorization requirement.
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
public class AuthorizeAttribute : FilterAttribute, IAuthorizationFilter
{
// Summary:
// Initializes a new instance of the System.Web.Mvc.AuthorizeAttribute class.
public AuthorizeAttribute();
// Summary:
// Gets or sets the user roles that are authorized to access the controller
// or action method.
//
// Returns:
// The user roles that are authorized to access the controller or action method.
public string Roles { get; set; }
//
// Summary:
// Gets the unique identifier for this attribute.
//
// Returns:
// The unique identifier for this attribute.
public override object TypeId { get; }
//
// Summary:
// Gets or sets the users that are authorized to access the controller or action
// method.
//
// Returns:
// The users that are authorized to access the controller or action method.
public string Users { get; set; }
// Summary:
// When overridden, provides an entry point for custom authorization checks.
//
// Parameters:
// httpContext:
// The HTTP context, which encapsulates all HTTP-specific information about
// an individual HTTP request.
//
// Returns:
// true if the user is authorized; otherwise, false.
//
// Exceptions:
// System.ArgumentNullException:
// The httpContext parameter is null.
protected virtual bool AuthorizeCore(HttpContextBase httpContext);
//
// Summary:
// Processes HTTP requests that fail authorization.
//
// Parameters:
// filterContext:
// Encapsulates the information for using System.Web.Mvc.AuthorizeAttribute.
// The filterContext object contains the controller, HTTP context, request context,
// action result, and route data.
protected virtual void HandleUnauthorizedRequest(AuthorizationContext filterContext);
//
// Summary:
// Called when a process requests authorization.
//
// Parameters:
// filterContext:
// The filter context, which encapsulates information for using System.Web.Mvc.AuthorizeAttribute.
//
// Exceptions:
// System.ArgumentNullException:
// The filterContext parameter is null.
public virtual void OnAuthorization(AuthorizationContext filterContext);
//
// Summary:
// Called when the caching module requests authorization.
//
// Parameters:
// httpContext:
// The HTTP context, which encapsulates all HTTP-specific information about
// an individual HTTP request.
//
// Returns:
// A reference to the validation status.
//
// Exceptions:
// System.ArgumentNullException:
// The httpContext parameter is null.
protected virtual HttpValidationStatus OnCacheAuthorization(HttpContextBase httpContext);
}
}
这两者之间的主要区别是:
Main differences between those two are:
- Web API可以使用
-
System.Web.Http
版本 ASP.NET MVC可以使用 -
System.Web.Mvc
版本 当 -
Http
版本使用OnAuthorization方法中的HttpActionContext
参数类型.
Mvc
版本使用AuthorizationContext
类型时,System.Web.Http
version can be used by Web APISystem.Web.Mvc
version can be used by ASP.NET MVCHttp
version useHttpActionContext
parameter type in OnAuthorization method whenMvc
version useAuthorizationContext
type.
我想访问AuthorizeAttribute
的Http
版本的请求cookie.在Mvc
版本中,其实现方式如下:
I want to access request cookies in Http
version of AuthorizeAttribute
. In Mvc
version it is implemented as follows:
public class Foo : AuthorizeAttribute
{
public override void OnAuthorization(AuthorizationContext filterContext)
{
HttpCookie cookie = filterContext.HttpContext.Request.Cookies.Get("Bar");
}
}
有人知道如何使用HttpActionContext
做同样的事情吗?有可能吗?如果不可能,为什么呢?
Does anybody know how can I do the same with HttpActionContext
? Is it possible at all? If it's not possible - why it is so?
推荐答案
public class Foo : AuthorizeAttribute
{
public override void OnAuthorization(HttpActionContext actionContext)
{
var cookie = actionContext.Request.Headers.GetCookies("Bar").FirstOrDefault();
}
}
这篇关于如何在Web API授权属性中获取请求cookie?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!