asp.net-web-api2

问题 I've got a WebAPI instance running in Azure that is secured with Azure AD. A mobile app connects to this API using bearer tokens, works great. When I try calling the API from the browser, though, it returns a 401 because I'm not logged in. That's true because I'm not presented with a login screen. My API doesn't have any UI so what I'd want it to do is to forward the user to Azure AD login and return to the API endpoint they were calling after authentication. If I go to the Azure portal,

问题 I have 2 webapi2 projects that use the same database. If I'm on localhost I get a bearer token from one I can pass it to the other and the other will properly decrypt it and load the user. However when I publish them to separate urls on azure, I get the one token fine from one but when I pass it to the other I can't get the ticket to load and it gives me the unauthorized response. I'm testing this by watching the owin AuthenticationTokenProvider.OnRecieve method. When context

问题 I'm trying to limit what shows up on swagger by limiting the routes available. Here are my current routes: config.Routes.MapHttpRoute( name: "SiteCache", routeTemplate: "{controller}/{id}/{action}", defaults: new { controller = "Sites", action ="Cache" }, constraints: new { httpMethod = new HttpMethodConstraint(HttpMethod.Delete), controller = "Sites" } ); config.Routes.MapHttpRoute( name: "SitePost", routeTemplate: "{controller}", defaults: new { controller = "Sites", action ="Post" },

问题 I want to modify JSON.NET so that when I am serializing a Model from my API it sends only an array of IDs for a composite Collection object. For example: class Employee { public ICollection<Address> Addresses { get; set; } } class Address { public int id; public string location; public string postcode; } Then when I send that back through WebApi Request.Createresponse(HttpStatusCode.OK, new Employee()); Instead of this: { "Addresses" : [ {"id" : 1, "location" : "XX", "postcode" : "XX" }, {"id

问题 I have my data modeled with CodeFirst on EF 6. I'm building a Web API to which different type of clients would have access but depending on the client´s configuration they should see or not certain properties of the models. ¿How do I turn on or off the [JsonIgnore] or [serialized] ? Is it possible to set a certain set of rules to do this, like a validator? 回答1: Option 1: Using a custom ContractResolver You can create a custom contract resolver and use it when creating the response: public

问题 I have a custom IModelBinder for my model: public class MyBinder : IModelBinder { public bool BindModel(HttpActionContext actionContext, ModelBindingContext bindingContext) { // bla-bla-bla bindingContext.ModelState.AddModelError( bindingContext.ModelName, "Request value is invalid."); return false; } } I expect that when invalid value is passed in a request HTTP 400 Bad Request is returned automatically. However, this does not happen. What should I do to make Web API return HTTP 400 if there

问题 ASP.NET apps using OWIN permit multiple Identity sources (Facebook, Google, etc.). Most of the provider-specifc information those sources provide is irrelevant to my app, potentially even large, and I don't want it in my cookies all session. My app is primarily WebAPI, but I suspect the question applies equally to MVC and WebForms. For now, all I need is an integer account ID. Where/when should I reconstruct the identity, after external authentication? For example, here is one way I could

问题 I am getting an internal server error when posting information back to register an individual account within Web API 2. It happens on the client.PostAsync . The api/account/register is not changed from what was created when creating teh Web API 2 project to use individual accounts. var handler = new HttpClientHandler(); handler.UseDefaultCredentials = true; handler.PreAuthenticate = true; handler.ClientCertificateOptions = ClientCertificateOption.Automatic; handler.Credentials = new

问题 Currently, I have below 4 projects in my solution file : API (Web API) Web (MVC) Admin (MVC) Service Layer (C# Library) The service layer is being used by all the 3 web projects. The service is injected using Autofac container. The services are registered in each of the web projects during startup which is causing duplication of the code. Is there a simpler way where I can register all the dependencies in one place so that it can be reused by all the projects? Any help is highly appreciated.

问题 I need to get HttpContext.Session in GrantResourceOwnerCredentials method. However I get null when I try to access Httpcontext.Session . Below is my code: public void ConfigureAuth(IAppBuilder app) { PublicClientId = "self"; OAuthOptions = new OAuthAuthorizationServerOptions { TokenEndpointPath = new PathString("/Token"), Provider = new ApplicationOAuthProvider( PublicClientId, DependencyResolver.Current.GetService<ApplicationUserManager>(), HttpContext.Current), //AuthorizeEndpointPath = new