Reputation: 1196
Whats between Application_BeginRequest and DelegatingHandler
Authorization Header is getting stripped from request somewhere between begin_request and DelegatingHandler.SendAsync. Im trying to debug why this is happening.
I have a Delegating Handler in my WebApi designed to validate the Json WebToken. Unfortunately when SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) fires the Authorization property of the request is null.
However in Application Begin Request the Authorization Header appears to be received from the client.
{Connection=keep-alive&Authorization=Bearer+ey[Deleted Most]9g&Host=192.168.1.4}
I need to get the Authorization value in my SendAsync so I can Validate it.
Why is it being removed?
Or short of that what actions\events occur before the DelegatingHandler that might be altering the headers and removing it?
Microsoft.AspNet.WebApi version 5.2.3 on IIS version 10.0.10586.0 running on Windows 10 build 10586.494
Upvotes: 0
Views: 320
Answers (1)
Reputation: 1196
Not a complete answer but http://jameschambers.com/2013/11/working-with-iauthenticationfilter-in-the-mvc-5-framework/
Answered a portion of what occurs before the Delegating Handler that calls the third party. By creating a ActionFilterAttribute, IAuthenticationFilter the Authentication can be intercepted and handled in whatever custom way is desired.
Upvotes: 0
Related Questions
- Application_BeginRequest Usage
- Registering a new DelegatingHandler in ASP.NET Core Web API
- Web Api Handler for pre-request
- HttpModule vs DelegatingHandler - advantages/disadvantages?
- Using multiple delegating handlers in a web API call
- Why is my DelegatingHandler firing for MVC requests?
- HttpMessageHandler vs DelegatingHandler
- ASP.Net Web API SendAsync methods of DelegatingHandler called twice on POST request
- Using Web API DelegatingHandler in MVC
- ASP.Net Request Life Cycle - Application_BeginRequest