private void HandleAuthenticationException(ExceptionHandlerContext context)
{
var credentials = context.ParseAuthorizationHeader();
Logger.Warn($"Api {context.Request.Method} {context.Request.RequestUri} unauthenticated request!");
var authHeader = credentials != null
? context.ExceptionContext.Request.Headers.Authorization
: new AuthenticationHeaderValue("Basic", "id:password".ToBase64String());
context.Result = new UnauthorizedResult(new[] { authHeader }, context.ExceptionContext.Request);
}
private void HandleUnauthorizedAccessException(ExceptionHandlerContext context)
{
var credentials = context.ParseAuthorizationHeader();
var encryptedInfo = credentials != null
? $"{credentials.Id}:{credentials.Password.ToSha256Hash()}"
: "none";
var errorMessage = $"Api {context.Request.Method} {context.Request.RequestUri} ivalid credentials: {encryptedInfo}";
Logger.Warn(errorMessage);
context.Result = new StatusCodeResult(HttpStatusCode.Forbidden, context.ExceptionContext.Request);
}
