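/// <summary>
/// Translates the domain exceptions this API knows about into a JSON error body plus an
/// HTTP status code; any other exception becomes an InternalError response.
/// Assigning <c>context.Result</c> marks the exception as handled by the pipeline.
/// </summary>
/// <param name="context">The exception filter context whose Result and response status are set.</param>
public override void OnException(ExceptionContext context)
{
    var exception = context.Exception;

    if (exception is RefreshTokenWrong)
    {
        // NOTE(review): the body codes come from RequestResult while the status comes from
        // ResponseResult.BadParameters (same for CredentialWrong below); confirm this pairing is intended.
        SetErrorResult(
            context,
            new ErrorResultInfo
            {
                Code = RequestResult.InvalidRefreshToken.Code.GlobalCode,
                Errors = new[]
                {
                    new ErrorInfo
                    {
                        Code = RequestResult.InvalidRefreshToken.Code.CodeString,
                        Message = RequestResult.InvalidRefreshToken.Code.Message,
                        Field = "refreshToken"
                    }
                },
                Message = RequestResult.InvalidRefreshToken.Code.Message
            },
            (int)ResponseResult.BadParameters.Code.HttpCode);
        return;
    }

    if (exception is CredentialWrong)
    {
        // Deliberately does not say whether the login or the password was wrong.
        SetErrorResult(
            context,
            new ErrorResultInfo
            {
                Code = RequestResult.InvalidLoginOrPassword.Code.GlobalCode,
                Errors = new[]
                {
                    new ErrorInfo
                    {
                        Code = RequestResult.InvalidLoginOrPassword.Code.CodeString,
                        Message = RequestResult.InvalidLoginOrPassword.Code.Message
                    }
                },
                Message = RequestResult.InvalidLoginOrPassword.Code.Message
            },
            (int)ResponseResult.BadParameters.Code.HttpCode);
        return;
    }

    if (exception is UserAlreadyExist)
    {
        // NOTE(review): the top-level Code here is CodeString, whereas the two branches above use
        // GlobalCode; clients keyed on the outer Code will see different kinds of value. Confirm.
        SetErrorResult(
            context,
            new ErrorResultInfo
            {
                Code = ResponseResult.UserAlreadyExist.Code.CodeString,
                Errors = new[]
                {
                    new ErrorInfo
                    {
                        Code = ResponseResult.UserAlreadyExist.Code.CodeString,
                        Message = ResponseResult.UserAlreadyExist.Description
                    }
                }
            },
            (int)ResponseResult.UserAlreadyExist.Code.HttpCode);
        return;
    }

    if (exception is PasswordNotSecurity)
    {
        SetErrorResult(
            context,
            new ErrorResultInfo
            {
                Code = ResponseResult.PasswordNotSecurity.Code.CodeString,
                Errors = new[]
                {
                    new ErrorInfo
                    {
                        Code = ResponseResult.PasswordNotSecurity.Code.CodeString,
                        Message = ResponseResult.PasswordNotSecurity.Description
                    }
                }
            },
            (int)ResponseResult.PasswordNotSecurity.Code.HttpCode);
        return;
    }

    if (exception is AcccountDeactivatedException)
    {
        SetErrorResult(
            context,
            new ErrorResultInfo
            {
                Code = ResponseResult.AccountDeactivated.Code.CodeString,
                Errors = new[]
                {
                    new ErrorInfo
                    {
                        Code = ResponseResult.AccountDeactivated.Code.CodeString,
                        Message = ResponseResult.AccountDeactivated.Description
                    }
                }
            },
            (int)ResponseResult.AccountDeactivated.Code.HttpCode);
        return;
    }

    // Catch-all for anything unexpected.
    // NOTE(review): echoing the raw exception message to the client discloses internals
    // (file paths, SQL fragments, provider error text). Prefer a fixed description here, as the
    // ResponseResult branches above do, and log the exception server-side instead.
    SetErrorResult(
        context,
        new ErrorResultInfo
        {
            Code = ResponseResult.InternalError.Code.CodeString,
            Errors = new[]
            {
                new ErrorInfo
                {
                    Code = ResponseResult.InternalError.Code.CodeString,
                    Message = exception.Message
                }
            }
        },
        (int)ResponseResult.InternalError.Code.HttpCode);
}

/// <summary>
/// Publishes <paramref name="body"/> as the action result and sets the response status code.
/// Shared by every branch of <see cref="OnException"/> so status and body are always set together.
/// </summary>
/// <param name="context">The exception filter context to write into.</param>
/// <param name="body">The error payload serialized as JSON.</param>
/// <param name="statusCode">The HTTP status code to send.</param>
private static void SetErrorResult(ExceptionContext context, ErrorResultInfo body, int statusCode)
{
    context.Result = new JsonResult(body);
    context.HttpContext.Response.StatusCode = statusCode;
}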
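/// <summary>
/// Satisfies <paramref name="requirement"/> when the request carries an Authorization header
/// whose bearer access token passes <c>TokenHelper.CheckAccessToken</c>, yields a payload, and is
/// still present in the cache store; every other path fails the requirement.
/// </summary>
/// <param name="context">Authorization context; its <c>Resource</c> must be a <see cref="FilterContext"/>.</param>
/// <param name="requirement">The requirement to mark as succeeded.</param>
/// <returns>A completed task; the outcome is reported via <c>context.Succeed</c>/<c>context.Fail</c>.</returns>
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AuthRequirement requirement)
{
    // A missing resource, or one that is not an MVC FilterContext, cannot be inspected here.
    // Fail outright instead of falling through to an unset header value (the previous shape
    // dereferenced `tokens` before it was assigned in that case).
    var filterContext = context.Resource as FilterContext;
    if (filterContext == null)
    {
        context.Fail();
        return Task.CompletedTask;
    }

    StringValues tokens;
    if (!filterContext.HttpContext.Request.Headers.TryGetValue("Authorization", out tokens))
    {
        context.Fail();
        QueueUnauthorizedResponse(
            filterContext,
            new ErrorResultInfo
            {
                Code = ResponseResult.NotAuthorized.Code.GlobalCode,
                Errors = new[]
                {
                    new ErrorInfo
                    {
                        Code = ResponseResult.NotAuthorized.Code.CodeString,
                        Message = ResponseResult.NotAuthorized.Description,
                        Field = ResponseResult.NotAuthorized.Field
                    }
                }
            });
        return Task.CompletedTask;
    }

    // Strip the "Bearer " scheme prefix wherever it occurs; a header without it is used as-is.
    // An empty header value is treated as an invalid token rather than throwing.
    var token = tokens.FirstOrDefault() ?? string.Empty;
    int index = token.IndexOf("Bearer ", StringComparison.Ordinal);
    string cleanToken = (index < 0) ? token : token.Remove(index, "Bearer ".Length);

    if (!TokenHelper.CheckAccessToken(cleanToken))
    {
        // Fail explicitly (the missing-header branch already did) so no other handler can
        // satisfy the requirement for a token that did not check out.
        context.Fail();
        // NOTE(review): the outer Code here is CodeString while the missing-header branch uses
        // GlobalCode; confirm which one clients expect.
        QueueUnauthorizedResponse(
            filterContext,
            new ErrorResultInfo
            {
                Code = ResponseResult.NotAuthorized.Code.CodeString,
                Errors = new[]
                {
                    new ErrorInfo
                    {
                        Code = ResponseResult.NotAuthorized.Code.CodeString,
                        Message = "Wrong access token",
                        Field = "accessToken"
                    }
                }
            });
        return Task.CompletedTask;
    }

    var tokenPayload = Bll.Helpers.TokenHelper.GetPayloadByJwtToken<AccessTokenModel>(cleanToken).model;
    if (tokenPayload == null)
    {
        context.Fail();
        return Task.CompletedTask;
    }

    // The token must also still be known to the cache store; a token that verifies but has been
    // dropped from the store (revoked or expired there) is rejected.
    var model = CacheStoreHelper[CommonConstants.AccessTokenPrefix + cleanToken];
    if (model == null)
    {
        context.Fail();
        return Task.CompletedTask;
    }

    var principal = new UserPrincipal(new GenericIdentity(tokenPayload.UserId.ToString()), new string[0])
    {
        UserModel = model
    };
    // NOTE(review): `Context` is a member of the enclosing class, presumably the current
    // HttpContext; confirm it is the same request as filterContext.HttpContext.
    Context.User = principal;
    context.Succeed(requirement);
    return Task.CompletedTask;
}

/// <summary>
/// Registers an OnStarting callback that turns the outgoing response into a NotAuthorized
/// status with <paramref name="model"/> serialized as camel-cased JSON.
/// The body is serialized eagerly so the callback only writes bytes.
/// </summary>
/// <param name="filterContext">The MVC context whose response is rewritten.</param>
/// <param name="model">The error payload to send.</param>
private static void QueueUnauthorizedResponse(FilterContext filterContext, ErrorResultInfo model)
{
    var response = filterContext.HttpContext.Response;
    var serializerSettings = new JsonSerializerSettings { ContractResolver = new CamelCasePropertyNamesContractResolver() };
    var message = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(model, serializerSettings));

    response.OnStarting(async () =>
    {
        response.StatusCode = (int)ResponseResult.NotAuthorized.Code.HttpCode;
        // Previously "application / json", which is not a valid media type and makes
        // clients fall back to content sniffing.
        response.ContentType = "application/json";
        await response.Body.WriteAsync(message, 0, message.Length);
    });
}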