使用不记名 token 身份验证。 如果响应失败,则需要返回附加字段以及以下消息:
401 UnAuthorize response
{Message: "Authorization has been denied for this request"}
如何在 401 响应消息中包含附加字段。 它将如下所示:(包括指示故障跟踪 ID 的附加字段“ID”)。
{Message: "Authorization has been denied for this request",
Id: 1}
filter.config 如下:
config.Filters.Add(new HostAuthenticationFilter(OAuthDefaults.AuthenticationType));
最佳答案
您需要通过覆盖 AuthorizeAttribute 来提供您自己的授权属性实现。
public class YourCustomAuthorization : AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
actionContext.Response = new HttpResponseMessage
{
StatusCode = HttpStatusCode.Unauthorized,
Content = new StringContent("You Message")
};
}
}
并将其用作
[CustomAuthorization]
public IHttpActionResult Get()
{
return Ok();
}
另请检查:http://prideparrot.com/blog/archive/2012/6/customizing_authorize_attribute
关于c# - 如何使用过滤器 HostAuthenticationFilter 修改 "Authorization has been denied for this request.",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/49237228/