SendAsync returns null in C# Web API
When a user's authorization token has expired or the token is invalid, and the user tries to call a service, I am trying to return an appropriate error message. The problem I'm having is that the first time it is called, the message is sent correctly, but after the first time the SendAsync method is called 4 times and the message data returns null. I don't understand why it loops 4 times. I tried stepping through it, but I couldn't learn anything more about the code. The code is as follows:

    protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request,
        CancellationToken cancellationToken)
    {
        if (request.Headers != null)
        {
            // ....
            if (request.Headers.GetValues(CustomTokenHeader).FirstOrDefault() == null)
            {
                //unauthorized response(401)
                return FromResult(_unauthorizedResponse);
            }
            var authHeader = request.Headers.GetValues(CustomTokenHeader).FirstOrDefault();
            if (String.IsNullOrWhiteSpace(authHeader))
            {
                //unauthorized response(401)
                return FromResult(_unauthorizedResponse);
            }
            //authenticate token
            return HandleTokenAuthentication(request, cancellationToken, authHeader);
        }
    }

    static Task<T> FromResult<T>(T t)
    {
        var tcs = new TaskCompletionSource<T>();
        tcs.SetResult(t);
        return tcs.Task;
    }

    private Task<HttpResponseMessage> HandleTokenAuthentication(HttpRequestMessage request, CancellationToken cancellationToken, string authHeader)
    {
        //parse token
        var token = ParseToken(authHeader);
        if (String.IsNullOrWhiteSpace(token))
        {
            //unauthorized response(401)
            return FromResult(_unauthorizedResponse);
        }
        //decrypt token
        var tokenInfo = DecryptToken(token);
        if (tokenInfo == null)
        {
            //unauthorized response(401)
            return FromResult(_unauthorizedResponse);
        }
        //validate token
        var claims = ValidateToken(tokenInfo, token);
        if (claims == null)
        {
            //unauthorized response(401)
            return FromResult(_unauthorizedTokenExpired);
        }
        var principal = CheckCustomAuthorization(claims);
        if (principal == null)
        {
            //unauthorized response(401)
            return FromResult(_unauthorizedResponse);
        }
        if (!principal.Identity.IsAuthenticated)
        {
            var loginFailureMessage = new HttpResponseMessage(HttpStatusCode.Unauthorized)
            {
                Content = new StringContent(((AgencyClaims)principal.Identity).LoginFailureReason)
            };
            return FromResult(loginFailureMessage);
        }
        //assign principal
        Thread.CurrentPrincipal = principal;
        return base.SendAsync(request, cancellationToken)
            .ContinueWith(task => AuthorizedResponse(request, task.Result));
    }

    static HttpResponseMessage AuthorizedResponse(HttpRequestMessage request, HttpResponseMessage response)
    {
        if ((request.Method == HttpMethod.Get && response.StatusCode == HttpStatusCode.OK
                && !response.Headers.Contains(CustomTokenHeader))
            || (request.Method == HttpMethod.Post && response.StatusCode == HttpStatusCode.Created
                && !response.Headers.Contains(CustomTokenHeader)))
        {
            var token = ((AgencyClaims) Thread.CurrentPrincipal.Identity).Token;
            response.Headers.Add(CustomTokenHeader, Convert.ToBase64String(Encoding.ASCII.GetBytes(token)));
        }
        return response;
    }

    readonly HttpResponseMessage _unauthorizedResponse =
        new HttpResponseMessage(HttpStatusCode.Unauthorized) { Content = new StringContent("PROPER ERROR MESSAGE")};

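OK, I was able to solve the problem. The _unauthorizedResponse class variable somehow allowed the code to run successfully once, but not a second time. The problem had nothing to do with the readonly modifier, because it still didn't work without it. I'm not sure how this works (maybe someone here can explain), but by moving them into local scope within the method, it runs correctly every time.

Show us the code for HandleTokenAuthentication.

Sure. Just updated the code. I also added the AuthorizedResponse method. But I'm not sure that's the problem, because the message is returned before the HandleTokenAuthentication method is called.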
<data contentType="text/plain; charset=utf-8" contentLength="21"><![CDATA[Authentication failed]]></data>
<data contentType="null" contentLength="0"><![CDATA[]]></data>
GET http://localhost:20559/api/Service?Name=Jack HTTP/1.1
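
The fix described in the answer above (building the 401 response inside the method rather than keeping it in a class field), as an added example that is not the poster's code. It assumes the cause is that an HttpResponseMessage is disposable and meant to serve a single response, so an instance kept in a field cannot be returned again for later requests. TokenAuthHandler, the validateToken delegate, the header name and the error messages are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Security.Principal;
using System.Threading;
using System.Threading.Tasks;

// Hypothetical handler; header name and messages are constructed sample values.
public class TokenAuthHandler : DelegatingHandler
{
    private const string CustomTokenHeader = "X-Custom-Token";
    // Assumed dependency: returns null for an invalid or expired token.
    private readonly Func<string, IPrincipal> _validateToken;

    public TokenAuthHandler(Func<string, IPrincipal> validateToken) { _validateToken = validateToken; }

    // A new 401 per rejected request: no HttpResponseMessage or StringContent
    // instance is ever shared between two requests.
    private static HttpResponseMessage Unauthorized(HttpRequestMessage request, string reason)
    {
        return new HttpResponseMessage(HttpStatusCode.Unauthorized)
        {
            Content = new StringContent(reason),
            RequestMessage = request
        };
    }

    protected override async Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request, CancellationToken cancellationToken)
    {
        // TryGetValues returns false for an absent header; GetValues would throw.
        IEnumerable<string> values;
        var token = request.Headers.TryGetValues(CustomTokenHeader, out values)
            ? values.FirstOrDefault() : null;
        if (String.IsNullOrWhiteSpace(token))
            return Unauthorized(request, "Missing token");

        var principal = _validateToken(token);
        if (principal == null || !principal.Identity.IsAuthenticated)
            return Unauthorized(request, "Authentication failed");

        Thread.CurrentPrincipal = principal;
        return await base.SendAsync(request, cancellationToken);
    }
}
```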