Jquery 如何从Web Api.Net中的AuthorizeAttribute中检索POST参数？

我正在使用token for me Web Api.Net项目开发一种身份验证方法，因此我将覆盖以下一些方法：

public class Authorizetest: System.Web.Http.AuthorizeAttribute
{
        public override void OnAuthorization(HttpActionContext actionContext)
    {
           if(Authorize(actionContext))
        {
            return;
        }
        HandleUnauthorizedRequest(actionContext);  
    }

    protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
    {
        base.HandleUnauthorizedRequest(actionContext);
    }

    private bool Authorize(HttpActionContext actionContext)
    {         
        try
        {                           
            var context = new HttpContextWrapper(HttpContext.Current);
            HttpRequestBase request = context.Request;              
            string token = request.Params["Token"];
            return true;
        }
        catch (Exception)
        {
            return false;
        }
    }
}

我以这种方式使用decorator

[Authorizetest]

：

[Authorizetest]
    public class DoActionController : ApiController
        {
            [HttpPost]
            public Display DoSomething(Parameter param)
            {
                //do something
                return display;
            }
    }

但是

request.Params

正在返回

null

，但是在

DoSomething

方法中，我从

参数

获取值

我也试过这样的方法：（基于）

，但无法检索通过POST方法发送的任何值

我正在使用JQuery发送数据

$.ajax({
                type: 'POST',
                url: '/DoSomething',
                data: JSON.stringify({ "Token": "xxxxxxxxx"}),
                contentType: 'application/json; charset=utf-8',
                success: function (data) {
                },
                fail:function (XMLHttpRequest, textStatus, errorThrown) {
                    alert(errorThrown);
                }
            });

---

如何检索发送到

Authorizetest类中
DoSomething
的数据？
如果打算使用authorized属性进行授权，则应在请求头中发送authorized令牌，然后由authorized属性提取。在模型绑定器有机会填充模型之前读取请求正文可能会产生负面影响

var token = "xxxxxxxxx";
$.ajax({    
    type: 'POST',
    url: '/DoSomething',
    data: JSON.stringify({ "SomeProperty": "SomeValue"}),
    contentType: 'application/json; charset=utf-8',
    beforeSend: function (xhr) {
        /* Authorization header */
        xhr.setRequestHeader("Authorization", "Token " + token);        
    },
    success: function (data) {
    },
    fail:function (XMLHttpRequest, textStatus, errorThrown) {
        alert(errorThrown);
    }
});

然后在服务器上访问它

public class Authorizetest : System.Web.Http.AuthorizeAttribute {
    public override void OnAuthorization(HttpActionContext actionContext) {
        if (Authorize(actionContext)) {
            return;
        }
        HandleUnauthorizedRequest(actionContext);
    }

    protected override void HandleUnauthorizedRequest(HttpActionContext actionContext) {
        base.HandleUnauthorizedRequest(actionContext);
    }

    private bool Authorize(HttpActionContext actionContext) {
        try {
            var auth = actionContext.Request.Headers.Authorization;
            if (auth != null) {
                var scheme = auth.Scheme; //Should be Token, otherwise fail
                var token = auth.Parameter;
                //Validate your token and set your principal
                IPrincipal user = GetUser(token);
                if (user != null) {
                    SetPrincipal(user);
                    return true;
                }
            }
            return false;
        } catch (Exception) {
            return false;
        }
    }

    private IPrincipal GetUser(string token) {
        throw new NotImplementedException(); //Put your implementation here
    }

    private void SetPrincipal(System.Security.Principal.IPrincipal principal) {
        if (principal != null) {
            System.Threading.Thread.CurrentPrincipal = principal;
            if (System.Web.HttpContext.Current != null) {
                System.Web.HttpContext.Current.User = principal;
            }
        }
    }
}

我认为你需要重新表述你的问题。不太清楚。@Difster，谢谢，我把问题改了一点，希望你已经收到了发送的数据。为什么您需要检索已发送的内容？它在您的
数据
变量中。@Jamo这是因为您寻找的是请求的主体，而不是
参数
。这似乎是一个错误。您试图实现的最终目标是什么？如果打算将令牌用于auth，则应在请求头中发送令牌，然后通过Authorize属性提取令牌。在模型绑定器有机会填充模型之前阅读请求正文可能会产生负面影响。谢谢！这就是我要找的+1.
public class Authorizetest : System.Web.Http.AuthorizeAttribute {
    public override void OnAuthorization(HttpActionContext actionContext) {
        if (Authorize(actionContext)) {
            return;
        }
        HandleUnauthorizedRequest(actionContext);
    }

    protected override void HandleUnauthorizedRequest(HttpActionContext actionContext) {
        base.HandleUnauthorizedRequest(actionContext);
    }

    private bool Authorize(HttpActionContext actionContext) {
        try {
            var auth = actionContext.Request.Headers.Authorization;
            if (auth != null) {
                var scheme = auth.Scheme; //Should be Token, otherwise fail
                var token = auth.Parameter;
                //Validate your token and set your principal
                IPrincipal user = GetUser(token);
                if (user != null) {
                    SetPrincipal(user);
                    return true;
                }
            }
            return false;
        } catch (Exception) {
            return false;
        }
    }

    private IPrincipal GetUser(string token) {
        throw new NotImplementedException(); //Put your implementation here
    }

    private void SetPrincipal(System.Security.Principal.IPrincipal principal) {
        if (principal != null) {
            System.Threading.Thread.CurrentPrincipal = principal;
            if (System.Web.HttpContext.Current != null) {
                System.Web.HttpContext.Current.User = principal;
            }
        }
    }
}