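// Shared serializer settings: camelCase property names for the JSON error body.
// Hoisted so each rejected request does not allocate a new resolver.
private static readonly JsonSerializerSettings s_camelCaseJsonSettings = new JsonSerializerSettings
{
    ContractResolver = new CamelCasePropertyNamesContractResolver()
};

/// <summary>
/// Authorizes the current request from its <c>Authorization</c> header. The header value
/// (optionally prefixed with <c>"Bearer "</c>) must pass <c>TokenHelper.CheckAccessToken</c>,
/// carry a decodable <c>AccessTokenModel</c> payload, and still be present in
/// <c>CacheStoreHelper</c> under <c>CommonConstants.AccessTokenPrefix</c>; only then is the
/// requirement marked as succeeded and a <c>UserPrincipal</c> attached.
/// Every other outcome fails closed via <see cref="AuthorizationHandlerContext.Fail"/>.
/// </summary>
/// <param name="context">Authorization context; its <c>Resource</c> must be a <c>FilterContext</c>.</param>
/// <param name="requirement">The requirement to satisfy on success.</param>
/// <returns>A completed task; this handler does no asynchronous work of its own.</returns>
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AuthRequirement requirement)
{
    // Headers are only reachable through an MVC filter context. Any other resource (or none)
    // cannot be authorized here, so fail closed instead of dereferencing a null FilterContext.
    var filterContext = context.Resource as FilterContext;
    if (filterContext == null)
    {
        context.Fail();
        return Task.CompletedTask;
    }

    var httpContext = filterContext.HttpContext;
    StringValues tokens;
    var headerPresent = httpContext.Request.Headers.TryGetValue("Authorization", out tokens);
    var rawToken = headerPresent ? tokens.FirstOrDefault() : null;

    // Missing header, or a header with only whitespace: no credential was presented.
    if (string.IsNullOrWhiteSpace(rawToken))
    {
        context.Fail();
        QueueNotAuthorizedResponse(filterContext, new ErrorResultInfo
        {
            // NOTE(review): this branch reports Code.GlobalCode while the wrong-token branch
            // reports Code.CodeString, as in the original; confirm both are intended.
            Code = ResponseResult.NotAuthorized.Code.GlobalCode,
            Errors = new[]
            {
                new ErrorInfo
                {
                    Code = ResponseResult.NotAuthorized.Code.CodeString,
                    Message = ResponseResult.NotAuthorized.Description,
                    Field = ResponseResult.NotAuthorized.Field
                }
            }
        });
        return Task.CompletedTask;
    }

    // Strip the scheme prefix only when it actually leads the value; the scheme is matched
    // ordinally, as before, so "bearer " (lowercase) is passed through to the token check.
    const string bearerPrefix = "Bearer ";
    var cleanToken = rawToken.StartsWith(bearerPrefix, StringComparison.Ordinal)
        ? rawToken.Substring(bearerPrefix.Length)
        : rawToken;

    if (!TokenHelper.CheckAccessToken(cleanToken))
    {
        // Fail explicitly (the original only wrote the body here) so no other handler can
        // still satisfy the requirement for a request whose token was rejected.
        context.Fail();
        QueueNotAuthorizedResponse(filterContext, new ErrorResultInfo
        {
            Code = ResponseResult.NotAuthorized.Code.CodeString,
            Errors = new[]
            {
                new ErrorInfo
                {
                    Code = ResponseResult.NotAuthorized.Code.CodeString,
                    Message = "Wrong access token",
                    Field = "accessToken"
                }
            }
        });
        return Task.CompletedTask;
    }

    var tokenPayload = Bll.Helpers.TokenHelper.GetPayloadByJwtToken<AccessTokenModel>(cleanToken).model;
    if (tokenPayload == null)
    {
        context.Fail();
        return Task.CompletedTask;
    }

    // Server-side liveness check: a token that verifies but is no longer in the cache store
    // (e.g. after logout) is rejected without a response body, as in the original.
    var userModel = CacheStoreHelper[CommonConstants.AccessTokenPrefix + cleanToken];
    if (userModel == null)
    {
        context.Fail();
        return Task.CompletedTask;
    }

    var principal = new UserPrincipal(new GenericIdentity(tokenPayload.UserId.ToString()), new string[0])
    {
        UserModel = userModel
    };
    // NOTE(review): `Context` (capital C) is a member of the enclosing class, not the
    // authorization context parameter; confirm it refers to the current HttpContext.
    Context.User = principal;
    context.Succeed(requirement);
    return Task.CompletedTask;
}

/// <summary>
/// Serializes <paramref name="model"/> as camelCase JSON and registers an <c>OnStarting</c>
/// callback that sets the not-authorized status code and content type and writes the body.
/// </summary>
/// <param name="filterContext">Filter context whose HTTP response receives the error.</param>
/// <param name="model">Error payload to serialize.</param>
private static void QueueNotAuthorizedResponse(FilterContext filterContext, ErrorResultInfo model)
{
    var response = filterContext.HttpContext.Response;
    var body = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(model, s_camelCaseJsonSettings));

    // Deferred until the response is about to start, mirroring the original: the handler does
    // not own the response at this point in the pipeline.
    response.OnStarting(async () =>
    {
        response.StatusCode = (int)ResponseResult.NotAuthorized.Code.HttpCode;
        // Was "application / json", which is not a valid media type token.
        response.ContentType = "application/json";
        await response.Body.WriteAsync(body, 0, body.Length);
    });
}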