.net如何设置授权失败时的响应体?
.net how to set the the response body when the authorization failed?
当我的 API 中授权失败时,我必须显示自定义 (json) 响应正文。默认情况下,我有这条消息:未经授权。但我想 return 一个 json 包含自定义代码错误、消息和一些其他详细信息。这是我所做的一个例子。
o.Events = new JwtBearerEvents
{
OnChallenge = async (context) =>
{
if (!context.Request.Headers.ContainsKey("Authorization"))
{
context.Response.HttpContext.Features.Get<IHttpResponseFeature>().ReasonPhrase = "The authorization parameter is not given or the token passed is empty";
}
},
OnAuthenticationFailed = async (context) =>
{
await context.HttpContext.Response.WriteAsync("ramses");
context.Response.HttpContext.Features.Get<IHttpResponseFeature>().ReasonPhrase = "The token is invalid or has expired";
},
};
我尝试使用 HttpContext.Response 的 WriteAsync 方法,但我定义的消息没有出现,只有原因短语出现正确。
这是我 API 中的结果图片。
我在 jwtBearer 配置 startup.cs 中指定此代码
我已经在我的代码中使用了它并且效果很好
.AddJwtBearer(o => {
o.RequireHttpsMetadata = false;
o.SaveToken = false;
o.TokenValidationParameters = tokenValidationParameters;
o.Events = new JwtBearerEvents {
OnAuthenticationFailed = c => {
c.NoResult();
c.Response.StatusCode = 500;
c.Response.ContentType = "text/plain";
return c.Response.WriteAsync(c.Exception.ToString());
},
OnChallenge = context => {
context.HandleResponse();
context.Response.StatusCode = 401;
context.Response.ContentType = "application/json";
var result = JsonConvert.SerializeObject(new {
status = "un-authorized",
message = "un-authorized"
});
return context.Response.WriteAsync(result);
},
OnForbidden = context => {
context.Response.StatusCode = 403;
context.Response.ContentType = "application/json";
var result = JsonConvert.SerializeObject(new {
status = "un-authorized",
message = "un-authorized"
});
return context.Response.WriteAsync(result);
}
};
});
当我的 API 中授权失败时,我必须显示自定义 (json) 响应正文。默认情况下,我有这条消息:未经授权。但我想 return 一个 json 包含自定义代码错误、消息和一些其他详细信息。这是我所做的一个例子。
o.Events = new JwtBearerEvents
{
OnChallenge = async (context) =>
{
if (!context.Request.Headers.ContainsKey("Authorization"))
{
context.Response.HttpContext.Features.Get<IHttpResponseFeature>().ReasonPhrase = "The authorization parameter is not given or the token passed is empty";
}
},
OnAuthenticationFailed = async (context) =>
{
await context.HttpContext.Response.WriteAsync("ramses");
context.Response.HttpContext.Features.Get<IHttpResponseFeature>().ReasonPhrase = "The token is invalid or has expired";
},
};
我尝试使用 HttpContext.Response 的 WriteAsync 方法,但我定义的消息没有出现,只有原因短语出现正确。
这是我 API 中的结果图片。
我在 jwtBearer 配置 startup.cs 中指定此代码
我已经在我的代码中使用了它并且效果很好
.AddJwtBearer(o => {
o.RequireHttpsMetadata = false;
o.SaveToken = false;
o.TokenValidationParameters = tokenValidationParameters;
o.Events = new JwtBearerEvents {
OnAuthenticationFailed = c => {
c.NoResult();
c.Response.StatusCode = 500;
c.Response.ContentType = "text/plain";
return c.Response.WriteAsync(c.Exception.ToString());
},
OnChallenge = context => {
context.HandleResponse();
context.Response.StatusCode = 401;
context.Response.ContentType = "application/json";
var result = JsonConvert.SerializeObject(new {
status = "un-authorized",
message = "un-authorized"
});
return context.Response.WriteAsync(result);
},
OnForbidden = context => {
context.Response.StatusCode = 403;
context.Response.ContentType = "application/json";
var result = JsonConvert.SerializeObject(new {
status = "un-authorized",
message = "un-authorized"
});
return context.Response.WriteAsync(result);
}
};
});