private void HandlerUnAuthorization(AuthorizationFilterContext context, SecurityException ex) { if (ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { context.Result = new ObjectResult(new AjaxResponse(_errorInfoBuilder.BuildForException(ex), true)) { StatusCode = context.HttpContext.User.Identity.IsAuthenticated ? (int)System.Net.HttpStatusCode.Forbidden : (int)System.Net.HttpStatusCode.Unauthorized }; } else { context.Result = new ChallengeResult(); } }
public ActionResult Index() { var exHandlerFeature = HttpContext.Features.Get <IExceptionHandlerFeature>(); var exception = exHandlerFeature != null ? exHandlerFeature.Error : new Exception("Unhandled exception!"); return(View( "Error", new ErrorViewModel( _errorInfoBuilder.BuildForException(exception), exception ) )); }
private void HandleWrapException(ExceptionContext context) { context.HttpContext.Response.StatusCode = GetStatusCode(context); var unathorized = context.HttpContext.Response.StatusCode == (int)HttpStatusCode.Unauthorized; context.Result = new ObjectResult( new ApiResponse(_errorInfoBuilder.BuildForException(context.Exception, _serviceInfo?.NameVersion), unathorized) { // __traceId = TracingExtensions.GetCompactTraceId() }); //EventBus.Trigger(this, new AbpHandledExceptionData(context.Exception)); //context.Exception = null; // Handled! // TODO: I'll uncomment it after a while context.ExceptionHandled = true; }
private void HandleAndWrapException(ExceptionContext context) { if (!ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { return; } context.HttpContext.Response.StatusCode = GetStatusCode(context); context.Result = new ObjectResult( new AjaxResponse( _errorInfoBuilder.BuildForException(context.Exception), context.Exception is SecurityException ) ); context.Exception = null; // Handled! }
private void HandleAndWrapException(ExceptionContext context) { if (!IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { return; } context.HttpContext.Response.Clear(); context.HttpContext.Response.StatusCode = (int)HttpStatusCode.InternalServerError; context.Result = new ObjectResult( new AjaxResponse( _errorInfoBuilder.BuildForException(context.Exception), context.Exception is AbpAuthorizationException ) ); context.Exception = null; //Handled! }
private void HandleAndWrapException(ExceptionContext context) { if (!ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { return; } context.HttpContext.Response.StatusCode = GetStatusCode(context); context.Result = new ObjectResult( new AjaxResponse( _errorInfoBuilder.BuildForException(context.Exception), context.Exception is AbpAuthorizationException ) ); EventBus.Trigger(this, new AbpHandledExceptionData(context.Exception)); context.Exception = null; //Handled! }
public async Task InvokeAsync(HttpContext context, RequestDelegate next) { await next(context); if (IsAuthorizationExceptionStatusCode(context)) { var exception = new AbpAuthorizationException(GetAuthorizationExceptionMessage(context)); Logger.Error(exception.Message); await context.Response.WriteAsync( JsonConvert.SerializeObject( new AjaxResponse( _errorInfoBuilder.BuildForException(exception), true ) ) ); EventBus.Trigger(this, new AbpHandledExceptionData(exception)); } }
protected virtual void HandleAndWrapException(ExceptionContext context, WrapResultAttribute wrapResultAttribute) { if (!ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { return; } context.HttpContext.Response.StatusCode = GetStatusCode(context, wrapResultAttribute.WrapOnError); if (!wrapResultAttribute.WrapOnError) { return; } context.Result = new ObjectResult( new AjaxResponse( _errorInfoBuilder.BuildForException(context.Exception) ) ); EventBus.Trigger(this, new SharePlatformHandledExceptionData(context.Exception)); context.Exception = null; //Handled! }
public async Task OnAuthorizationAsync(AuthorizationFilterContext context) { var endpoint = context?.HttpContext?.GetEndpoint(); // Allow Anonymous skips all authorization if (endpoint?.Metadata.GetMetadata <IAllowAnonymous>() != null) { return; } if (!context.ActionDescriptor.IsControllerAction()) { return; } //TODO: Avoid using try/catch, use conditional checking try { await _authorizationHelper.AuthorizeAsync( context.ActionDescriptor.GetMethodInfo(), context.ActionDescriptor.GetMethodInfo().DeclaringType ); } catch (AbpAuthorizationException ex) { Logger.Warn(ex.ToString(), ex); await _eventBus.TriggerAsync(this, new AbpHandledExceptionData(ex)); if (ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { context.Result = new ObjectResult(new AjaxResponse(_errorInfoBuilder.BuildForException(ex), true)) { StatusCode = context.HttpContext.User.Identity.IsAuthenticated ? (int)System.Net.HttpStatusCode.Forbidden : (int)System.Net.HttpStatusCode.Unauthorized }; } else { context.Result = new ChallengeResult(); } } catch (Exception ex) { Logger.Error(ex.ToString(), ex); await _eventBus.TriggerAsync(this, new AbpHandledExceptionData(ex)); if (ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { context.Result = new ObjectResult(new AjaxResponse(_errorInfoBuilder.BuildForException(ex))) { StatusCode = (int)System.Net.HttpStatusCode.InternalServerError }; } else { //TODO: How to return Error page? context.Result = new StatusCodeResult((int)System.Net.HttpStatusCode.InternalServerError); } } }
public async Task OnAuthorizationAsync(AuthorizationFilterContext context) { // Allow Anonymous skips all authorization if (context.Filters.Any(item => item is IAllowAnonymousFilter)) { return; } if (!context.ActionDescriptor.IsControllerAction()) { return; } var wrapResultAttribute = AttributeHelper.GetSingleAttributeOfMemberOrDeclaringTypeOrDefault( context.ActionDescriptor.GetMethodInfo(), _configuration.DefaultWrapResultAttribute ); //TODO: Avoid using try/catch, use conditional checking try { await _authorizationHelper.AuthorizeAsync( context.ActionDescriptor.GetMethodInfo(), context.ActionDescriptor.GetMethodInfo().DeclaringType ); } catch (AbpAuthorizationException ex) { Logger.Warn(ex.ToString(), ex); _eventBus.Trigger(this, new AbpHandledExceptionData(ex)); if (ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { if (wrapResultAttribute.WrapOnError) { context.Result = new ObjectResult(new AjaxResponse(_errorInfoBuilder.BuildForException(ex), true)) { StatusCode = context.HttpContext.User.Identity.IsAuthenticated ? (int)System.Net.HttpStatusCode.Forbidden : (int)System.Net.HttpStatusCode.Unauthorized }; } else { context.Result = new ObjectResult(_errorInfoBuilder.BuildForException(ex)) { StatusCode = context.HttpContext.User.Identity.IsAuthenticated ? (int)System.Net.HttpStatusCode.Forbidden : (int)System.Net.HttpStatusCode.Unauthorized }; } } else { context.Result = new ChallengeResult(); } } catch (Exception ex) { Logger.Error(ex.ToString(), ex); _eventBus.Trigger(this, new AbpHandledExceptionData(ex)); if (ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { if (wrapResultAttribute.WrapOnError) { context.Result = new ObjectResult(new AjaxResponse(_errorInfoBuilder.BuildForException(ex))) { StatusCode = (int)System.Net.HttpStatusCode.InternalServerError }; } else { context.Result = new ObjectResult(_errorInfoBuilder.BuildForException(ex)) { StatusCode = (int)System.Net.HttpStatusCode.InternalServerError }; } } else { //TODO: How to return Error page? context.Result = new StatusCodeResult((int)System.Net.HttpStatusCode.InternalServerError); } } }
public virtual async Task OnAuthorizationAsync(AuthorizationFilterContext context) { var endpoint = context?.HttpContext?.GetEndpoint(); // 如果注入了 IAllowAnonymous 接口则允许所有匿名用户的请求 // Allow Anonymous skips all authorization if (endpoint?.Metadata.GetMetadata <IAllowAnonymous>() != null) { return; } // 如果不是一个控制器方法则直接返回 if (!context.ActionDescriptor.IsControllerAction()) { return; } //TODO: Avoid using try/catch, use conditional checking // 开始使用 IAuthorizationHelper 对象来进行权限校验 try { await _authorizationHelper.AuthorizeAsync( context.ActionDescriptor.GetMethodInfo(), context.ActionDescriptor.GetMethodInfo().DeclaringType ); } // 如果是未授权异常的处理逻辑 catch (AbpAuthorizationException ex) { // 记录日志 Logger.Warn(ex.ToString(), ex); // 触发异常事件 await _eventBus.TriggerAsync(this, new AbpHandledExceptionData(ex)); // 如果接口的返回类型为 ObjectResult,则采用 AjaxResponse 对象进行封装信息 if (ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { //context.Result = new ObjectResult(new AjaxResponse(_errorInfoBuilder.BuildForException(ex), true)) //{ // StatusCode = context.HttpContext.User.Identity.IsAuthenticated // ? (int)System.Net.HttpStatusCode.Forbidden // : (int)System.Net.HttpStatusCode.Unauthorized //}; //获取错误信息 var errorInfo = _errorInfoBuilder.BuildForException(ex); //code设置状态码数据 errorInfo.Code = (context.HttpContext.User.Identity.IsAuthenticated ? (int)System.Net.HttpStatusCode.Forbidden : (int)System.Net.HttpStatusCode.Unauthorized); //返回结果 context.Result = new ObjectResult(new AjaxResponse(errorInfo, unAuthorizedRequest: true)) { //默认状态 StatusCode = (int)System.Net.HttpStatusCode.OK }; } else { context.Result = new ChallengeResult(); } } // 其他异常则显示为服务器内部异常 catch (Exception ex) { Logger.Error(ex.ToString(), ex); await _eventBus.TriggerAsync(this, new AbpHandledExceptionData(ex)); if (ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { //context.Result = new ObjectResult(new AjaxResponse(_errorInfoBuilder.BuildForException(ex))) //{ // StatusCode = (int)System.Net.HttpStatusCode.InternalServerError //}; //获取错误信息 var errorInfo = _errorInfoBuilder.BuildForException(ex); errorInfo.Details = ex.Message; errorInfo.Code = (int)System.Net.HttpStatusCode.InternalServerError; context.Result = new ObjectResult(new AjaxResponse(errorInfo)) { StatusCode = (int)System.Net.HttpStatusCode.OK }; } else { //TODO: How to return Error page? context.Result = new StatusCodeResult((int)System.Net.HttpStatusCode.InternalServerError); } } }
protected virtual ActionResult GenerateNonJsonExceptionResult(ExceptionContext context) { return(new ViewResult { ViewName = "Error", MasterName = string.Empty, ViewData = new ViewDataDictionary <ErrorViewModel>(new ErrorViewModel(_errorInfoBuilder.BuildForException(context.Exception), context.Exception)), TempData = context.Controller.TempData }); }
public async Task OnAuthorizationAsync(AuthorizationFilterContext context) { // Allow Anonymous skips all authorization if (context.Filters.Any(item => item is IAllowAnonymousFilter)) { return; } if (!context.ActionDescriptor.IsControllerAction()) { return; } var isWebserviceWay = false; if (context.HttpContext.Request.Headers.ContainsKey("requestWay") || context.HttpContext.Request.Headers["requestWay"].ToString() != "webapi") { isWebserviceWay = true; } //TODO: Avoid using try/catch, use conditional checking try { await _authorizationHelper.AuthorizeAsync( context.ActionDescriptor.GetMethodInfo(), context.ActionDescriptor.GetMethodInfo().DeclaringType ); } catch (AbpAuthorizationException ex) { Logger.Warn(ex.ToString(), ex); _eventBus.Trigger(this, new AbpHandledExceptionData(ex)); if (ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { if (isWebserviceWay) { context.Result = new ObjectResult(new ResultMessage <object>(ResultCode.Auth_Error, "authorization failure")); } else { context.Result = new ObjectResult(new AjaxResponse(_errorInfoBuilder.BuildForException(ex), true)) { StatusCode = context.HttpContext.User.Identity.IsAuthenticated? (int)System.Net.HttpStatusCode.Forbidden:(int)System.Net.HttpStatusCode.Unauthorized }; } } else { if (isWebserviceWay) { context.Result = new ObjectResult(new ResultMessage <object>(ResultCode.Auth_Error, "authorization failure")); } else { context.Result = new ChallengeResult(); } } } catch (Exception ex) { Logger.Error(ex.ToString(), ex); _eventBus.Trigger(this, new AbpHandledExceptionData(ex)); if (ActionResultHelper.IsObjectResult(context.ActionDescriptor.GetMethodInfo().ReturnType)) { if (isWebserviceWay) { context.Result = new ObjectResult(new ResultMessage <object>(ResultCode.SytemError, "Unknown exception")); } else { context.Result = new ObjectResult(new AjaxResponse(_errorInfoBuilder.BuildForException(ex))) { StatusCode = (int)System.Net.HttpStatusCode.InternalServerError }; } } else { if (isWebserviceWay) { context.Result = new ObjectResult(new ResultMessage <object>(ResultCode.SytemError, "Unknown exception")); } else { //TODO: How to return Error page? context.Result = new StatusCodeResult((int)System.Net.HttpStatusCode.InternalServerError); } } } }