Exemple #1
        /// <summary>
        /// Authorization hook: unless the action is exempted by skipAuthorization,
        /// runs authorizeCore on the request and hands a denied result to
        /// HandleUnauthorizedRequest.
        /// </summary>
        /// <param name="actionContext">Context of the action being authorized.</param>
        /// <exception cref="ApplicationException">Thrown when <paramref name="actionContext"/> is null.</exception>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            if (actionContext == null)
            {
                throw new ApplicationException("actionContext");
            }

            if (!this.skipAuthorization(actionContext))
            {
                AccessAuthorizerResponse verdict = authorizeCore(actionContext.Request);

                // NOTE(review): verdict is dereferenced without a null check. authorizeCore
                // returns whatever the reflected authorizer method produced, so a null there
                // surfaces as a NullReferenceException instead of an unauthorized response.
                // Confirm that is the intended failure mode.
                bool denied = verdict.AuthorizedID < 1; // an AuthorizedID below 1 is not a valid access
                if (denied)
                {
                    HandleUnauthorizedRequest(actionContext, verdict);
                }
            }
        }
Exemple #2
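        /// <summary>
        /// Creates an instance of the configured authorizer type and invokes its
        /// authorizer method (named by _method) through reflection. The overload
        /// taking only the request is used when no roles are configured; otherwise
        /// the overload taking the request and the resolved role list is used.
        /// </summary>
        /// <param name="request">Incoming request passed to the authorizer method.</param>
        /// <returns>
        /// The value returned by the authorizer method, cast to
        /// <see cref="AccessAuthorizerResponse"/>; null if that method returned null.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// The authorizer type has no public method named _method with the expected
        /// parameter list. Failing here keeps a misconfigured authorizer from
        /// surfacing as an unexplained NullReferenceException.
        /// </exception>
        private AccessAuthorizerResponse authorizeCore(HttpRequestMessage request)
        {
            object authorizerInstance = Activator.CreateInstance(_accessAuthorizerType);

            Type[] parameterTypes;
            object[] arguments;

            // NOTE(review): presumably both operands are arrays, which makes this a
            // reference comparison against the shared sentinel. An empty array that is
            // a different instance takes the role branch with zero roles. Confirm the
            // authorizer denies access in that case.
            if (_rolesSplit == AuthorizationUtilities._emptyArray)
            {
                parameterTypes = new Type[] { typeof(HttpRequestMessage) };
                arguments      = new object[] { request };
            }
            else
            {
                List<Role> roles = new List<Role>();
                foreach (var roleName in _rolesSplit)
                {
                    // NOTE(review): the lookup result is added unchecked. If
                    // GetRoleByRoleName can return null for an unknown name, the
                    // authorizer receives a null entry. Verify how it treats that.
                    roles.Add(new RoleBLL().GetRoleByRoleName(roleName));
                }

                parameterTypes = new Type[] { typeof(HttpRequestMessage), typeof(List<Role>) };
                arguments      = new object[] { request, roles };
            }

            // GetMethod returns null when no matching public method exists; reject that
            // explicitly rather than dereferencing it.
            var authorizerMethod = _accessAuthorizerType.GetMethod(_method, parameterTypes);
            if (authorizerMethod == null)
            {
                throw new InvalidOperationException(
                    "Access authorizer method '" + _method + "' with the expected parameters was not found on type '" +
                    _accessAuthorizerType.FullName + "'.");
            }

            // Exceptions thrown inside the authorizer method reach the caller wrapped by
            // the reflection layer (Invoke), not as their original type.
            return (AccessAuthorizerResponse)authorizerMethod.Invoke(authorizerInstance, arguments);
        }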
Exemple #3
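        /// <summary>
        /// Sets a 401 Unauthorized response on the action context, carrying the
        /// authorizer's AuthorizedID and Message wrapped in a ResponseModel.
        /// </summary>
        /// <param name="actionContext">Context whose Response is replaced.</param>
        /// <param name="accessAuthorizerResponse">Authorizer result describing the denial.</param>
        /// <exception cref="ApplicationException">Thrown when <paramref name="actionContext"/> is null.</exception>
        protected virtual void HandleUnauthorizedRequest(HttpActionContext actionContext, AccessAuthorizerResponse accessAuthorizerResponse)
        {
            if (actionContext == null)
            {
                throw new ApplicationException("actionContext");
            }

            // NOTE(review): Message is returned to the caller as-is. Confirm the authorizer
            // never puts detail there that helps distinguish why a credential was rejected.
            var payload = new ResponseModel(accessAuthorizerResponse.AuthorizedID, accessAuthorizerResponse.Message);

            // NOTE(review): the value handed to CreateResponse is already a JSON string, so
            // the negotiated formatter will likely encode it a second time. Confirm what
            // clients expect before changing it. The 401 also carries no WWW-Authenticate
            // header. Verify whether clients or intermediaries rely on one.
            actionContext.Response = actionContext.ControllerContext.Request.CreateResponse(HttpStatusCode.Unauthorized, JsonConvert.SerializeObject(payload));
        }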