asp.net-web-api2

I followed this up to the xml doc part in order to create Swagger documentation using Swashbuckle. It should allow me to view the endpoints via (in my case): http://localhost:51854/swagger/ui/index Unfortunately, I cannot see any endpoints: Any ideas why and how to fix this? Please note that I created my webapi from an empty webapi project - maybe that's the problem. Something must be missing but I am not sure what ... I have now identified the following code as the root cause. In Global.asax.cs: var container = new XyzWebApiStructureMapContainerConfigurator().Configure(GlobalConfiguration

I have developed an authentication mechanism in Asp.Net Web Api 2 with the feature for granting refresh tokens, based on the tutorial on Taiseer's blog. Here is my question. Assume the following scenario: A user logs in using password and get a refresh token and an access token. The access token in fact includes what roles he is in (hence his authorities within the app). In the mean time the system admin will change this person's roles, so once his access token expires and he wants to use the refresh token to obtain a new access token, his new access token must include the newly updated roles

I have a Web API 2 controller which has an action method like this: public async Task<IHttpActionResult> Foo(int id) { var foo = await _repository.GetFooAsync(id); return foo == null ? (IHttpActionResult)NotFound() : new CssResult(foo.Css); } Where CssResult is defined as: public class CssResult : IHttpActionResult { private readonly string _content; public CssResult(string content) { content.ShouldNotBe(null); _content = content; } public Task<HttpResponseMessage> ExecuteAsync(CancellationToken cancellationToken) { var response = new HttpResponseMessage(HttpStatusCode.OK) { Content = new

Trying to move from OData v3 to OData v4 . Why do I keep getting a 404 when trying to use OData Functions ? Web API Config: ODataModelBuilder builder = new ODataConventionModelBuilder(); //etc builder.EntitySet<LocalizableString>("LocalizableStringApi"); //etc var getComparitiveTableFunction = builder.EntityType<LocalizableString>().Collection.Function("GetComparitiveTable"); getComparitiveTableFunction.Parameter<string>("cultureCode"); getComparitiveTableFunction.ReturnsCollection<ComparitiveLocalizableString>(); //etc config.MapODataServiceRoute("OData_Kore_CMS", "odata/kore/cms", builder

I'm trying to follow this post by Jimmy Bogard to implement a mediator pipeline so I can use pre/post request handlers to do some work. From the comments on that article I come to this github gist . I don't quite understand how to hook all of this up yet, so here is my first go. FYI - I'm using Autofac for DI and Web Api 2. Following CQRS, here is a query. public class GetAccountRequest : IAsyncRequest<GetAccountResponse> { public int Id { get; set; } } //try using fluent validation public class GetAccountRequestValidationHandler : AbstractValidator<GetAccountRequest>, IAsyncPreRequestHandler

What is the difference between the following two ways of accessing the principle via an AuthorizeAttribute implementation? Using HttpContext : protected override bool IsAuthorized(HttpActionContext actionContext) { return HttpContext.Current.User.IsInRole("DemoRole"); } Using HttpActionContext : protected override bool IsAuthorized(HttpActionContext actionContext) { return actionContext.RequestContext.Principal.IsInRole("DemoRole"); } 来源： https://stackoverflow.com/questions/28235979/web-api-2-httpcontext-or-httpactioncontext

I have implemented REST service using WebAPI2, service implemeted to manage different sessions which are created and joined by different clients which are accessing service. Session contains information about access of application functionality and information of participants which have joined same session. Each client get session information and access list from server for synchronization purpose on every second. According to access changed, client functionality will changed(Enable/Disable). I am using MemoryCache class to store session info in WebAPI service as below. public static class

I have a small Web API application that uses Identity to manage users using Owin Bearer Tokens. The basics of this implementation work fine: I can register a user, login a user and access Web API end points that are marked with [Authorize] . My next step is to limit Web API endpoints using roles. For example, a controller that only users in the Admin role can access. I've created the Admin user as below and I add them to the Admin role. However when I update my existing controllers from [Authorize] to [Authorize(Roles = "Admin")] and try to access it using the Adim account, I get a 401