FireShock
Reputation: 1122
Check AllowAnonymousAttribute in Web API
System.Web.Mvc.ActionDescriptor has method IsDefined which helps to determine whether one or more instances of the specified attribute type are defined for this member.
System.Web.Http.Controllers.HttpActionDescriptor does not have this method.
How can I check AllowAnonymousAttribute using HttpActionDescriptor?
Upvotes: 5
Views: 2809
Answers (2)
Marcos Dimitrio
Reputation: 6852
The answer by @FireShock is correct, here is a version that I think is easier to read:
private static bool ShouldSkipAuthorization(HttpActionContext actionContext)
{
return
actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Any() ||
actionContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Any();
}
Upvotes: 7
FireShock
Reputation: 1122
I found. I can use GetCustomAttributes method. For example (from AuthorizeAttribute implementation):
private static bool SkipAuthorization(HttpActionContext actionContext)
{
if (!Enumerable.Any<AllowAnonymousAttribute>((IEnumerable<AllowAnonymousAttribute>) actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>()))
return Enumerable.Any<AllowAnonymousAttribute>((IEnumerable<AllowAnonymousAttribute>) actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>());
else
return true;
}
Upvotes: 10
Related Questions
- AllowAnonymous not working with ASP.NET Core 6.0 Web API
- AllowAnonymous not working with Custom AuthorizationAttribute
- AuthorizeAttribute for Web API (ASP.NET Core 2)
- Authentication in WebApi with AllowAnonymous attribute
- AllowAnonymous Attribute not working on Web API controller
- Custom IAuthenticationFilter and AllowAnonymous in Web API
- c# WebApi Attribute Authorization
- How to check if user is authenticated in Web API 2
- Authorize attribute is ignoring [AllowAnonymous]
- Using AuthorizeAttribute in ASP.NET Web API