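/// <summary>
/// Runs the access check for an incoming Web API action and rejects the request
/// when the configured authorizer does not report a positive AuthorizedID.
/// </summary>
/// <param name="actionContext">Context of the action being authorized.</param>
/// <exception cref="ApplicationException">Thrown when <paramref name="actionContext"/> is null.</exception>
/// <exception cref="InvalidOperationException">Thrown when the authorizer produces no response object.</exception>
public override void OnAuthorization(HttpActionContext actionContext)
{
    if (actionContext == null)
    {
        // ApplicationException is kept so callers that already catch it keep working.
        throw new ApplicationException("actionContext");
    }

    // skipAuthorization is defined outside this block; when it returns true the
    // authorizer is never consulted. NOTE(review): every path that makes it return
    // true is an unauthenticated entry point, so confirm its conditions.
    if (this.skipAuthorization(actionContext))
    {
        return;
    }

    AccessAuthorizerResponse accessAuthorizerResponse = authorizeCore(actionContext.Request);

    // The response comes from a reflective call, so it can be null. Reject explicitly
    // with a diagnosable error instead of relying on a NullReferenceException below;
    // either way the action must not run without a verdict.
    if (accessAuthorizerResponse == null)
    {
        throw new InvalidOperationException("The access authorizer returned no response.");
    }

    // Any AuthorizedID below 1 means "not a valid access".
    if (accessAuthorizerResponse.AuthorizedID < 1)
    {
        HandleUnauthorizedRequest(actionContext, accessAuthorizerResponse);
    }
}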
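/// <summary>
/// Creates an instance of the configured authorizer type and invokes its check
/// method by reflection, passing the request and, when roles are configured,
/// the resolved role list.
/// </summary>
/// <param name="request">The incoming HTTP request to authorize.</param>
/// <returns>The response object returned by the authorizer method.</returns>
/// <exception cref="InvalidOperationException">
/// Thrown when no public method named by <c>_method</c> with the expected
/// parameter list exists on the authorizer type.
/// </exception>
private AccessAuthorizerResponse authorizeCore(HttpRequestMessage request)
{
    // _accessAuthorizerType and _method are fields declared outside this block.
    // NOTE(review): both decide which code runs during the access check, so they
    // should only ever come from compile-time configuration - confirm.
    object apiKeyAuthorizerClassInstance = Activator.CreateInstance(_accessAuthorizerType);

    Type[] parameterTypes;
    object[] arguments;

    // Reference comparison against the shared empty-array instance: only that exact
    // instance selects the role-less overload.
    if (_rolesSplit == AuthorizationUtilities._emptyArray)
    {
        parameterTypes = new Type[] { typeof(HttpRequestMessage) };
        arguments = new object[] { request };
    }
    else
    {
        List<Role> roles = new List<Role>();
        foreach (var roleName in _rolesSplit)
        {
            // NOTE(review): if GetRoleByRoleName returns null for an unknown name, a null
            // entry reaches the authorizer - confirm the authorizer denies in that case.
            roles.Add(new RoleBLL().GetRoleByRoleName(roleName));
        }

        parameterTypes = new Type[] { typeof(HttpRequestMessage), typeof(List<Role>) };
        arguments = new object[] { request, roles };
    }

    var authorizerMethod = _accessAuthorizerType.GetMethod(_method, parameterTypes);
    if (authorizerMethod == null)
    {
        // GetMethod returns null for a missing or non-public method; surface the
        // misconfiguration clearly instead of failing with a NullReferenceException.
        throw new InvalidOperationException(
            "Authorizer method '" + _method + "' with the expected parameters was not found on the configured authorizer type.");
    }

    // Exceptions thrown inside the authorizer arrive wrapped in TargetInvocationException.
    AccessAuthorizerResponse result =
        (AccessAuthorizerResponse)authorizerMethod.Invoke(apiKeyAuthorizerClassInstance, arguments);

    return result;
}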
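/// <summary>
/// Sets a 401 Unauthorized response on the action context, carrying the
/// authorizer's ID and message wrapped in a ResponseModel.
/// </summary>
/// <param name="actionContext">Context of the rejected action.</param>
/// <param name="accessAuthorizerResponse">Result of the failed access check.</param>
/// <exception cref="ApplicationException">Thrown when <paramref name="actionContext"/> is null.</exception>
protected virtual void HandleUnauthorizedRequest(HttpActionContext actionContext, AccessAuthorizerResponse accessAuthorizerResponse)
{
    if (actionContext == null)
    {
        // ApplicationException is kept so callers that already catch it keep working.
        throw new ApplicationException("actionContext");
    }

    // NOTE(review): Message is returned to the caller verbatim - confirm it never
    // explains why a credential was rejected in more detail than a client should see.
    var response = new ResponseModel(accessAuthorizerResponse.AuthorizedID, accessAuthorizerResponse.Message);

    // The model is serialized to a JSON string here and that string is handed to
    // CreateResponse as the content value. NOTE(review): the configured formatter
    // may encode that string again - confirm clients expect the resulting body.
    actionContext.Response = actionContext.ControllerContext.Request.CreateResponse(
        HttpStatusCode.Unauthorized,
        JsonConvert.SerializeObject(response));
}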