Escolar Documentos
Profissional Documentos
Cultura Documentos
Module 4
ApiControllerActionInvo
MessageHandler
ker
IIS
Action Filters
HttpControllerHandler
HttpRoutingDispatcher HttpActionBinding
Error Filters
The DelegatingHandler Class
[Queryable]
public IQueryable<Course> Get()
{
}
OData Models
GET http://localhost/api/odata/$metadata
GET http://localhost/api/odata/Flights
PUT http://localhost/api/odata/Flights(123)
Creating and Exposing OData Models
ASP.NET
ASP.NET Membership provides a mechanism for storing
and validating users
Forms authentication user required to login with
username and password
Can be customized by creating a custom provider
You
Create a DelegatingHandler to authenticate the client
The implementation is up to you, maintainability is hard
You can create a different handler for each route
Creating a Custom Delegating Handler
if (isAuthenticated)
{
// User is valid. Create a principal for the user
IIdentity identity = new GenericIdentity(parts[0]);
IPrincipal principal = new GenericPrincipal(identity, new[] { "Users", "Admins" });
Thread.CurrentPrincipal = principal;
}
else
{
// Authentication failed
response = request.CreateResponse(System.Net.HttpStatusCode.Unauthorized);
response.Headers.Add("WWW-Authenticate", "Basic");
return response;
}
Authorizing Clients
[Authorize]
public class ProductController : ApiController
{
[AllowAnonymous]
public HttpResponseMessage GetSpecific(int id) { ... }
[Authorize(Roles="Admins")]
public HttpResponseMessage Delete() { ... }
}
Demonstration: Creating Secured ASP.NET Web
API Services
Dependency Injection
Using the ASP.NET Web API Dependency Resolver
Demonstration: Creating a Dependency Resolver
Dependency Injection