Geek asks and answers

WebApi AuthorizationFilterAttribute: ActionArguments are empty

I am implementing AuthorizationFilterAttribute for the WebApi controller, but I do not have access to the parameters that are passed to the controller:

In MVC4, this works fine:

public class MyMVCController : Controller
{
    [CanAccessMyResourceApi]
    public MyViewModel Get(int id)
    {
       //...
    }
}

public class CanAccessMyResourceMVCAttribute : CanAccessAttributeBase
{
   public override void OnAuthorization(AuthorizationContext filterContext)
   {
       var param = filterContext.Controller.ValueProvider.GetValue("id")
       /// ... 
   }
}

But in WebAPI, I think the parameter should be in ActionArguments, but the "param" is empty here:

public class MyWebApiController : ApiController
{
   [CanAccessMyResourceWebApi]
   public MyViewModel Get(int id)
   {
      //...
   }

}

public class CanAccessMyResourceWebApiAttribute : AuthorizationFilterAttribute 
{
    public override void OnAuthorization(HttpActionContext filterContext)
    {       
        // the debugger shows that ActionArguments is empty:
        var param = filterContext.ActionArguments["id"]
        /// ...
    }
}

Is the parameter that is passed to the controller elsewhere? (I checked that the controller action gets the Id value correctly when I remove the filter attribute.)

+5
source share
1 answer

You examined the solutions from here: Accessing a message or retrieving parameters in MVC4 Web Api user authorization

In particular

var variable = HttpContext.Current.Request.Params["parameterName"];

and

public class CustomAuthorizeAttribute : AuthorizeAttribute
  {
     protected override bool IsAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext)
     {
        var clientId = actionContext.ControllerContext.RouteData.Values["clientid"];

     }
  }
0
source

More articles:


All Articles