/// <summary>
/// 驗證是反被授權
/// </summary>
/// <param name="actionContext"></param>
public override void OnAuthorization(HttpActionContext actionContext)
{
var identity = actionContext.RequestContext.Principal.Identity as ClaimsIdentity;
var authorized = identity.IntersectScopes(this.Scopes?.Split(',') ?? new string[0]);
if (!authorized)
{
var controller = (BaseApiController)actionContext.ControllerContext.Controller;
var Fail = new FailOutputModel()
{
ApiVersion = "1.0.0",
Method = string.Format("{0}.{1}", controller.ControllerContext.RouteData.Values["controller"], actionContext.Request.Method),
Error = new ErrorMessage()
{
Domain = "API-CountyDistrictRoad",
Code = 0,
Message = "驗證錯誤",
Description = "驗證錯誤"
},
Id = controller.ResponseId
};
actionContext.Response = actionContext.ControllerContext.Request.CreateResponse(HttpStatusCode.Unauthorized, Fail);
}
}
/// <summary>
/// Generates the exception message.
/// </summary>
/// <param name="context">The context.</param>
/// <param name="projectName">The project name.</param>
/// <param name="errorCode">The error code.</param>
/// <param name="message">The message.</param>
/// <returns>IFailOutputModel</returns>
public static IFailOutputModel GenerateExceptionMessage(ExceptionHandlerContext context, string projectName, int errorCode, string message)
{
IFailOutputModel fail = new FailOutputModel();
fail.Method = string.Format("{0}.{1}", context.Request.RequestUri.AbsolutePath, context.Request.Method);
fail.Error = new ErrorMessage()
{
Domain = projectName,
Code = errorCode,
Message = message,
Description = context.Exception.Message
};
fail.Id = System.Guid.NewGuid();
//// TODO:要把parameter & fail.Id 寫進LOG
//// parameter: context.ExceptionContext.Request.RequestUri.Query
return fail;
}
/// <summary>
/// Exceptions the message.
/// </summary>
/// <param name="context">The context.</param>
/// <returns>HttpResponseMessage</returns>
public HttpResponseMessage GenerateExceptionMessage(ExceptionHandlerContext context)
{
var fail = new FailOutputModel()
{
ApiVersion = "1.0.0",
Method = string.Format("{0}.{1}",
context.Request.RequestUri.AbsolutePath,
context.Request.Method),
Error = new ErrorMessage()
{
Domain = "FIM-CRM",
Code = 40001,
Message = "未預期的錯誤",
Description = context.Exception.Message
},
Id = System.Guid.NewGuid()
};
return context.Request.CreateResponse(HttpStatusCode.InternalServerError, fail);
}
/// <summary>
/// Exceptions the message.
/// </summary>
/// <param name="context">The context.</param>
/// <returns>HttpResponseMessage</returns>
public HttpResponseMessage GenerateExceptionMessage(ExceptionHandlerContext context)
{
var fail = new FailOutputModel()
{
ApiVersion = "1.0.0",
Method = string.Format("{0}.{1}",
context.Request.RequestUri.AbsolutePath,
context.Request.Method),
Status = "ERROR",
Error = new ErrorMessage()
{
Domain = "YutApi",
Code = "33001",
Message = "參數驗證錯誤",
Description = context.Exception.ToString()
},
Id = System.Guid.NewGuid()
};
return(context.Request.CreateResponse(HttpStatusCode.ExpectationFailed, fail));
}
/// <summary>
/// 在衍生類別中覆寫時,同步處理例外狀況。
/// </summary>
/// <param name="context">例外狀況處理常式內容。</param>
public override void Handle(ExceptionHandlerContext context)
{
var Fail = new FailOutputModel();
if (context.Exception is InvalidOperationException)
{
// 驗證錯誤的處理
Fail.ApiVersion = "1.0.0";
Fail.Method = string.Format("{0}.{1}", context.Request.RequestUri.AbsolutePath, context.Request.Method);
Fail.Error = new ErrorMessage()
{
Domain = "API-CountyDistrictRoad",
Code = 33001,
Message = "服務發生異常",
Description = context.Exception.Message
};
Fail.Id = Guid.NewGuid();
}
else
{
// 其他錯誤的處理
Fail.ApiVersion = "1.0.0";
Fail.Method = string.Format("{0}.{1}", context.Request.RequestUri.AbsolutePath, context.Request.Method);
Fail.Error = new ErrorMessage()
{
Domain = "API-CountyDistrictRoad",
Code = 40000,
Message = "服務發生異常",
Description = context.Exception.Message
};
Fail.Id = Guid.NewGuid();
}
//TODO:要把parameter & ResponseId 寫進LOG
context.Result = new ResponseMessageResult(context.Request.CreateResponse(HttpStatusCode.InternalServerError, Fail));
base.Handle(context);
}
/// <summary>
/// 在處理序要求授權時呼叫。
/// </summary>
/// <param name="actionContext">動作內容,該內容封裝 <see cref="T:System.Web.Http.Filters.AuthorizationFilterAttribute" /> 的使用資訊。</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
var identity = actionContext.RequestContext.Principal.Identity as ClaimsIdentity;
var authorized = identity.IntersectScopes(this.Scopes?.Split(',') ?? new string[0]);
if (!authorized)
{
var controller = (BaseApiController)actionContext.ControllerContext.Controller;
var fail = new FailOutputModel()
{
Method = $"{ controller.RequestContext.RouteData.Route.RouteTemplate }.{ actionContext.Request.Method }",
Error = new ErrorMessage()
{
Domain = "API-GIS",
Code = 0,
Message = "驗證錯誤",
Description = "驗證錯誤"
},
Id = controller.ResponseId
};
actionContext.Response = actionContext.ControllerContext.Request.CreateResponse(HttpStatusCode.Unauthorized, fail);
}
}
