4

I have the code below for a custom Authorize attribute

public class CustomAuthorizeAttribute : AuthorizeAttribute  
{  
    
   protected override bool AuthorizeCore(HttpContextBase httpContext)  
   { 
    } 
    
}

the issue is there is no such thing as HttpContextBase. I have all the httpcontext usings as well but still yells at me. what am i doing wrong?

Improve this question
1
  • The AuthorizeAttribute in ASP.Net core has no AuthorizeCore method to override, and HttpContextBase does not exists. Those are from ASP.Net (not core). This question might help: stackoverflow.com/questions/31464359/… Commented Apr 26, 2021 at 1:40

3 Answers 3

Reset to default
2

If we want to write custom logic to authorize the user, I suggest you could consider using AuthorizeAttribute and the IAuthorizationFilter.

The IAuthorizationFilter provide the OnAuthorization method which could write some custom logic to authorize the user.

More details, you could refer to below codes:

public class CustomAuthorizeAttribute : AuthorizeAttribute, IAuthorizationFilter
{
    public void OnAuthorization(AuthorizationFilterContext context)
    {
        //Custom code ...

  

        //Return based on logic
        context.Result = new UnauthorizedResult();
    }


}

Besides, asp.net core recommend using the new policy design. The basic idea behind the new approach is to use the new [Authorize] attribute to designate a "policy" (e.g. [Authorize( Policy = "YouNeedToBe18ToDoThis")].

More details, you could refer to this answer.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

If you want to "turn off Auth" while in debug mode - in VS - how would you do that?
2

You can write the code like this:-

Instead of HttpContextBase you can use AuthorizationFilterContext as mentioned in example.

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public class CustomAuthorizeAttribute : Attribute, IAuthorizationFilter
{
  public void OnAuthorization(AuthorizationFilterContext context)
  {
    //your code logic..........
  }
}
Improve this answer

1 Comment

How do you select a scheme with this method?
2

The below code worked for me in .Net Core 5

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public class CustomAuthorization : Attribute, IAuthorizationFilter
{
    public void OnAuthorization(AuthorizationFilterContext context)
    {
        Microsoft.Extensions.Primitives.StringValues tokens;
        context.HttpContext.Request.Headers.TryGetValue("saToken", out tokens);
        var token = tokens.FirstOrDefault();

        if (!string.IsNullOrEmpty(token))
        {
            var jwtService = (IJwtService)context.HttpContext.RequestServices.GetService(typeof(IJwtService));

            if (jwtService.IsValidToken(token))
                return;
            else
            {
                context.HttpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                context.HttpContext.Response.HttpContext.Features.Get<IHttpResponseFeature>().ReasonPhrase = "Invalid Token";
                context.Result = new JsonResult("Invalid Token")
                {
                    Value = new { Status = "Unauthorized", Message = "Invalid Token" }
                };
            }
        }
        else
        {
            context.HttpContext.Response.StatusCode = (int)HttpStatusCode.ExpectationFailed;
            context.HttpContext.Response.HttpContext.Features.Get<IHttpResponseFeature>().ReasonPhrase = "Please Provide Token";
            context.Result = new JsonResult("Please Provide Token")
            {
                Value = new { Status = "ExpectationFailed", Message = "Please Provide Token" }
            };
        }
    }
}
Improve this answer

1 Comment

As it’s currently written, your answer is unclear. Please edit to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers in the help center.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.