2

I'm struggling with getting a custom attribute / filter working with ninject, constructor injection on the ASP.NET Web API.

Here's a few snippets to give some context...

//controller
[ApiAuthorise]
public IEnumerable<Thing> Get()

// Attribute definition with no body
public class ApiAuthoriseAttribute : FilterAttribute {}

// Custom Filter definition
public class ApiAuthoriseFilter : IAuthorizationFilter
{
    public void OnAuthorization(AuthorizationContext filterContext)
    { throw new NotImplementedException(); }
}

//Ninject module for my API authorisation 
public class ApiAuthoriseModule : NinjectModule
{
    public override void Load()
    {

        this.BindFilter<ApiAuthoriseFilter>(FilterScope.Action, 0)
            .WhenActionMethodHas<ApiAuthoriseAttribute>()
}}

//The registerServices(IKernel kernel) method in NinjectMVC3.cs
kernel.Load(new ApiAuthoriseModule());

That's literally all the code I have concerning this filter and attribute. From what I understand I don't have to explicitly add the filter to the global filter collection as ninject takes care of that, is that correct?

If I place a constructor inside my attribute and throw an exception from within there I can see that the attribute is firing.

My suspicion is something I'm doing wrong within the Ninject side of things but after spending an afternoon reading others examples that appear to be identical to mine I'm know asking for help :)

TIA

Improve this question
2
  • After some more playing, the main culprit seems to be the BindFilter<>() method and the difference between System.Web.Http.Filters.FilterScope and System.Web.Mvc.FilterScope. The BindFilter() method wants Mvc.FilterScope, but all the other Web API code refers to Http.Filters.FilterScope. Not sure if there's a way to confirm this... Commented Feb 29, 2012 at 14:38
  • Just throwing in a link to wildermuth.com/2012/2/26/WebAPI_and_Ninject as it deserves google juice and isnt a million miles away from this stuff Commented Feb 29, 2012 at 14:56

1 Answer 1

Reset to default
5

There are different classes that you need to work with in Web API, not the standard System.Web.Mvc.FilterAttribute and System.Web.Mvc.IAuthorizationFilter that are used in normal controllers:

public class ApiAuthoriseAttribute : System.Web.Http.Filters.FilterAttribute 
{ 

}

public class ApiAuthoriseFilter : System.Web.Http.Filters.IAuthorizationFilter
{
    public System.Threading.Tasks.Task<HttpResponseMessage> ExecuteAuthorizationFilterAsync(System.Web.Http.Controllers.HttpActionContext actionContext, System.Threading.CancellationToken cancellationToken, Func<System.Threading.Tasks.Task<HttpResponseMessage>> continuation)
    {
        throw new NotImplementedException();
    }

    public bool AllowMultiple
    {
        get { return false; }
    }
}

Then you will obviously have to modify Ninject and the filter binding syntax (BindFilter extension method) to be able to register this new classes. Or wait for Ninject.MVC4 which will include this functionality.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Is there currently a working solution or code sample for this issue?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.