Reputation: 8116
I'm trying to implement the Authorize attribute in my WebApi Controllers. I've found resources on how to implement Authorize, and even that I need to set the Thread and HttpContext Principals when implementing Authorization. But I can't find an example of how/where I write the Authorization logic.

    public class MyController : ApiController
    {
        [Route("")]
        [Authorize]
        public async Task<IHttpActionResult> Get() {}
    }

    public class MyAuthorizationProvider
    {
        public void AuthorizeIGuess()
        {
            string authHeader = HttpContext.Request.Headers.GetValues("Authorization").FirstOrDefault();
            // do stuff with auth header
            // create principal
            HttpContext.Current.User = ...;
            Thread.CurrentPrincipal = ...;
        }
    }

How do I set up MyAuthorizationProvider so that it is used for Authorize, and is this how I set my auth context?
Upvotes: 0
Views: 1110
Reputation: 3492
You need to inherit AuthorizeAttribute like

    public class MyAuthorizationProvider : AuthorizeAttribute
    {
        //Write your validation logic here.
    }

and use this override authorization attribute like

    public class MyController : ApiController
    {
        [Route("")]
        [MyAuthorizationProvider]
        public async Task<IHttpActionResult> Get() {}
    }

When you inherit AuthorizeAttribute, it gives you some override methods to implement your logic in a better way; use those as well. For more details check this answer.
Upvotes: 1
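
An added example, not code from either post: one way to fill in the subclass described in the answer for Web API 2, reading the Authorization header, setting the principal, and then deferring to the base class so that Roles/Users restrictions still apply. The name BearerAuthorizeAttribute, the Bearer scheme and the in-memory token table are assumptions made for illustration; a real service would validate the token against its identity provider.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Web.Http;
using System.Web.Http.Controllers;

// Hypothetical attribute name; the tokens below are constructed sample values.
public class BearerAuthorizeAttribute : AuthorizeAttribute
{
    // Stand-in for a real token validator (JWT validation, database lookup, ...).
    private static readonly Dictionary<string, string[]> SampleTokens =
        new Dictionary<string, string[]>(StringComparer.Ordinal)
        {
            { "sample-token-alice", new[] { "alice", "Admin" } },
            { "sample-token-bob",   new[] { "bob",   "Reader" } },
        };

    protected override bool IsAuthorized(HttpActionContext actionContext)
    {
        AuthenticationHeaderValue header = actionContext.Request.Headers.Authorization;
        string[] user;
        // Fail closed: missing header, wrong scheme, empty token or unknown token.
        if (header == null
            || !string.Equals(header.Scheme, "Bearer", StringComparison.OrdinalIgnoreCase)
            || string.IsNullOrEmpty(header.Parameter)
            || !SampleTokens.TryGetValue(header.Parameter, out user))
            return false;

        // A non-empty authentication type makes Identity.IsAuthenticated true.
        var identity = new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.Name, user[0]),
            new Claim(ClaimTypes.Role, user[1]),
        }, "Bearer");
        // Web API 2 carries the principal on the request context.
        actionContext.RequestContext.Principal = new ClaimsPrincipal(identity);
        // Returning true here would skip the Roles/Users checks; let the base decide.
        return base.IsAuthorized(actionContext);
    }

    protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
    {
        // 401 plus a challenge header telling the client which scheme is expected.
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
        actionContext.Response.Headers.WwwAuthenticate.Add(new AuthenticationHeaderValue("Bearer"));
    }
}
```

Applied as `[BearerAuthorize(Roles = "Admin")]`, the sample token for alice passes and the one for bob is rejected, because the role check runs in the base class against the principal set above.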