IAuthenticationFilter中的ActionContext.ActionArguments为空 [英] ActionContext.ActionArguments Is Empty In IAuthenticationFilter
问题描述
背景:
我想使用使用Ninject注入的IAuthenticationFilter
的实现来验证对我的Web API的POST请求.要验证请求,我需要访问请求正文.
I want to authenticate a POST request to my web API using an implementation of IAuthenticationFilter
injected using Ninject. To authenticate a request I need access to request body.
问题:
ActionContext.ActionArguments
,当我尝试在过滤器中访问它时为空.
ActionContext.ActionArguments
, which I usually use to access request payload, is empty when I try to access it inside the filter.
问题:
- 如何在
IAuthenticationFilter
实现中访问POST请求有效负载? - 为什么
ActionContext.ActionArguments
在IAuthenticationFilter
实现中为空,但如果我的过滤器实现ActionFilterAttribute
,则具有值吗?
- How to access POST request payload inside an
IAuthenticationFilter
implementation? - Why
ActionContext.ActionArguments
is empty inside anIAuthenticationFilter
implementation, but has values if my filter implementsActionFilterAttribute
?
代码:
过滤器实现:
public class AuthenticateFilter : IAuthenticationFilter
{
private const string AuthenticationHeader = "X-Auth-Token";
private const string UserHeader = "X-Auth-User";
private readonly ILog log;
public AuthenticateFilter(ILog log)
{
this.log = log;
}
public Task AuthenticateAsync(HttpAuthenticationContext context,
CancellationToken cancellationToken)
{
// context.ActionContext.ActionArguments is empty
if (!IsAuthenticated(context))
{
context.ErrorResult =
new StatusCodeResult(HttpStatusCode.Unauthorized,
context.Request);
}
return Task.FromResult(0);
}
public Task ChallengeAsync(HttpAuthenticationChallengeContext context,
CancellationToken cancellationToken)
{
context.Result =
new StatusCodeResult(HttpStatusCode.Unauthorized,
context.Request);
return Task.FromResult(0);
}
private bool IsAuthenticated(HttpAuthenticationContext context)
{
// Authentication code here
// context.ActionContext.ActionArguments is empty
}
}
当控制器方法具有属性时,使用Ninject注入过滤器.
The filter is injected using Ninject when controller method has a attribute.
kernel.BindHttpFilter<AuthenticateFilter>(FilterScope.Action)
.WhenActionMethodHas<AuthenticateAttribute>();
AuthenticateAttribute
是空的ActionFilterAttribute
.
public class AuthenticateAttribute : ActionFilterAttribute
{
}
谢谢!
推荐答案
这是预期的行为. Authentication
和Authorization
过滤器在ModelBinding/Formatter反序列化阶段之前运行,而Action
过滤器在此阶段之后运行.
This is expected behavior. Authentication
and Authorization
filters run before ModelBinding/Formatter deserialization stage, where as Action
filters run after this stage.
这篇关于IAuthenticationFilter中的ActionContext.ActionArguments为空的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!