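/// <summary>
/// Checks whether the caller is authorized: the request's claims identity must pass the
/// <c>IntersectScopes</c> check against the comma-separated <c>Scopes</c> configured on this
/// attribute. On failure the pipeline is short-circuited with a 401 response whose body is a
/// <c>FailOutputModel</c>.
/// </summary>
/// <param name="actionContext">The action context of the request being authorized.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    // Fail closed: a missing principal, or an identity that is not a ClaimsIdentity, is treated
    // as "not authorized" and gets the 401 below instead of surfacing as a null-reference error.
    var identity = actionContext.RequestContext.Principal?.Identity as ClaimsIdentity;

    // NOTE(review): Split(',') does not trim, so "a, b" yields " b"; confirm IntersectScopes
    // normalizes whitespace. Also confirm what it returns for an empty scope list (Scopes == null),
    // since that decides whether an attribute without scopes allows or denies every caller.
    var requiredScopes = this.Scopes?.Split(',') ?? new string[0];
    var authorized = identity != null && identity.IntersectScopes(requiredScopes);

    if (authorized)
    {
        return;
    }

    // NOTE(review): this hard cast throws if the attribute is applied to a controller that does
    // not derive from BaseApiController; the request is still not executed, but the caller sees
    // an error response rather than the 401 built here.
    var controller = (BaseApiController)actionContext.ControllerContext.Controller;

    var fail = new FailOutputModel()
    {
        ApiVersion = "1.0.0",
        Method = string.Format("{0}.{1}", controller.ControllerContext.RouteData.Values["controller"], actionContext.Request.Method),
        Error = new ErrorMessage()
        {
            Domain = "API-CountyDistrictRoad",
            Code = 0,
            Message = "驗證錯誤",
            Description = "驗證錯誤"
        },
        Id = controller.ResponseId
    };

    // Setting Response stops the pipeline before the action runs.
    actionContext.Response = actionContext.ControllerContext.Request.CreateResponse(HttpStatusCode.Unauthorized, fail);
}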
/// <summary>
/// Builds the failure payload for an unhandled exception.
/// </summary>
/// <param name="context">The exception handler context; supplies the request and the exception.</param>
/// <param name="projectName">Value written to the error's <c>Domain</c>.</param>
/// <param name="errorCode">Value written to the error's <c>Code</c>.</param>
/// <param name="message">Value written to the error's <c>Message</c>.</param>
/// <returns>A populated <c>IFailOutputModel</c> with a freshly generated <c>Id</c>.</returns>
public static IFailOutputModel GenerateExceptionMessage(ExceptionHandlerContext context, string projectName, int errorCode, string message)
{
    var request = context.Request;
    var methodLabel = string.Format("{0}.{1}", request.RequestUri.AbsolutePath, request.Method);

    // NOTE(review): Description carries the raw exception message; if this model is serialized
    // to API clients, messages from lower layers can reveal internal details. Consider a generic
    // description here and keeping the exception text in server-side logs keyed by Id.
    var error = new ErrorMessage()
    {
        Domain = projectName,
        Code = errorCode,
        Message = message,
        Description = context.Exception.Message
    };

    IFailOutputModel fail = new FailOutputModel();
    fail.Method = methodLabel;
    fail.Error = error;
    fail.Id = System.Guid.NewGuid();

    //// TODO: write the request parameters and fail.Id to the log.
    //// parameters: context.ExceptionContext.Request.RequestUri.Query
    //// NOTE(review): query strings can carry tokens or personal data; redact before logging.
    return fail;
}
/// <summary>
/// Builds the HTTP 500 response returned for an unhandled exception.
/// </summary>
/// <param name="context">The exception handler context; supplies the request and the exception.</param>
/// <returns>An <c>HttpResponseMessage</c> with status 500 and a <c>FailOutputModel</c> body.</returns>
public HttpResponseMessage GenerateExceptionMessage(ExceptionHandlerContext context)
{
    var request = context.Request;

    // NOTE(review): Description exposes the raw exception message to the API client, and the
    // generated Id is not recorded anywhere in this method, so it cannot be correlated with a
    // server-side log entry. Consider logging the exception under Id and returning a generic text.
    var error = new ErrorMessage()
    {
        Domain = "FIM-CRM",
        Code = 40001,
        Message = "未預期的錯誤",
        Description = context.Exception.Message
    };

    var fail = new FailOutputModel()
    {
        ApiVersion = "1.0.0",
        Method = string.Format("{0}.{1}", request.RequestUri.AbsolutePath, request.Method),
        Error = error,
        Id = System.Guid.NewGuid()
    };

    return request.CreateResponse(HttpStatusCode.InternalServerError, fail);
}
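/// <summary>
/// Builds the HTTP 417 (Expectation Failed) response returned for an unhandled exception.
/// </summary>
/// <remarks>
/// The response body carries only the exception's message. The full exception text
/// (type, stack trace, inner exceptions) is written to the server-side trace output under the
/// same id that is returned to the client, rather than being serialized into the response.
/// </remarks>
/// <param name="context">The exception handler context; supplies the request and the exception.</param>
/// <returns>An <c>HttpResponseMessage</c> with status 417 and a <c>FailOutputModel</c> body.</returns>
public HttpResponseMessage GenerateExceptionMessage(ExceptionHandlerContext context)
{
    var request = context.Request;
    var errorId = System.Guid.NewGuid();

    // Exception.ToString() includes stack frames, file paths and inner-exception text. Keep that
    // on the server, keyed by the id the client receives, so support can still correlate reports.
    System.Diagnostics.Trace.TraceError("Unhandled exception {0}: {1}", errorId, context.Exception);

    var fail = new FailOutputModel()
    {
        ApiVersion = "1.0.0",
        Method = string.Format("{0}.{1}", request.RequestUri.AbsolutePath, request.Method),
        Status = "ERROR",
        Error = new ErrorMessage()
        {
            Domain = "YutApi",
            Code = "33001",
            Message = "參數驗證錯誤",
            // NOTE(review): even Message can reveal internals for some exception types;
            // consider a fixed description if this API is exposed to untrusted clients.
            Description = context.Exception.Message
        },
        Id = errorId
    };

    return request.CreateResponse(HttpStatusCode.ExpectationFailed, fail);
}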
/// <summary>
/// Handles an unhandled exception synchronously by replacing the result with an HTTP 500
/// response whose body is a <c>FailOutputModel</c>.
/// </summary>
/// <param name="context">The exception handler context.</param>
public override void Handle(ExceptionHandlerContext context)
{
    var request = context.Request;

    // InvalidOperationException is treated as the validation-error case (33001);
    // every other exception type is reported as 40000. Both share the same message and status.
    var errorCode = context.Exception is InvalidOperationException ? 33001 : 40000;

    // NOTE(review): Description returns the raw exception message to the client; consider a
    // generic description plus a server-side log entry keyed by Id.
    var fail = new FailOutputModel
    {
        ApiVersion = "1.0.0",
        Method = string.Format("{0}.{1}", request.RequestUri.AbsolutePath, request.Method),
        Error = new ErrorMessage()
        {
            Domain = "API-CountyDistrictRoad",
            Code = errorCode,
            Message = "服務發生異常",
            Description = context.Exception.Message
        },
        Id = Guid.NewGuid()
    };

    // TODO: write the request parameters and the ResponseId to the log.
    var response = request.CreateResponse(HttpStatusCode.InternalServerError, fail);
    context.Result = new ResponseMessageResult(response);

    base.Handle(context);
}
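/// <summary>
/// Called when a request needs authorization. The request's claims identity must pass the
/// <c>IntersectScopes</c> check against the comma-separated <c>Scopes</c> configured on this
/// attribute; otherwise the pipeline is short-circuited with a 401 response whose body is a
/// <c>FailOutputModel</c>.
/// </summary>
/// <param name="actionContext">The action context, which encapsulates information for using <see cref="T:System.Web.Http.Filters.AuthorizationFilterAttribute" />.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    // Fail closed: a missing principal, or an identity that is not a ClaimsIdentity, is treated
    // as "not authorized" and gets the 401 below instead of surfacing as a null-reference error.
    var identity = actionContext.RequestContext.Principal?.Identity as ClaimsIdentity;

    // NOTE(review): Split(',') does not trim, so "a, b" yields " b"; confirm IntersectScopes
    // normalizes whitespace. Also confirm what it returns for an empty scope list (Scopes == null),
    // since that decides whether an attribute without scopes allows or denies every caller.
    var requiredScopes = this.Scopes?.Split(',') ?? new string[0];
    var authorized = identity != null && identity.IntersectScopes(requiredScopes);

    if (authorized)
    {
        return;
    }

    // NOTE(review): this hard cast throws if the attribute is applied to a controller that does
    // not derive from BaseApiController; the request is still not executed, but the caller sees
    // an error response rather than the 401 built here.
    var controller = (BaseApiController)actionContext.ControllerContext.Controller;

    var fail = new FailOutputModel()
    {
        Method = $"{ controller.RequestContext.RouteData.Route.RouteTemplate }.{ actionContext.Request.Method }",
        Error = new ErrorMessage()
        {
            Domain = "API-GIS",
            Code = 0,
            Message = "驗證錯誤",
            Description = "驗證錯誤"
        },
        Id = controller.ResponseId
    };

    // Setting Response stops the pipeline before the action runs.
    actionContext.Response = actionContext.ControllerContext.Request.CreateResponse(HttpStatusCode.Unauthorized, fail);
}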