亲爱,
我设计了一个OData端点,遵循这个https://docs.microsoft.com/en-us/aspnet/web-api/overview/odata-support-in-aspnet-web-api/odata-v4/create-an-odata-v4-endpoint我已经完成了它但我有一个约束:对于所有API功能,标头必须包含授权密钥。这在服务文档中的任何地方都可以完成。服务文档是您在查看URL https://SITE/api/v1时获得的文档:
{"@odata.context":"http://SITE/api/v1/$metadata","value":[{"name":"things","kind":"EntitySet","url":"things"},{"name":"others","kind":"EntitySet","url":"others"}]}
因此,您知道如何生成此类文档服务吗?是否可以编辑它?或者甚至,有没有办法在这样的文件服务中检查标题?在此先感谢您的帮助,
亲切的问候,
我自己使用以下模块解决:
using System;
using System.Linq;
using System.Web;
namespace Api.Modules
{
public class AuthorizationModule : IHttpModule
{
public void Dispose(){}
private void Context_Authorization(object sender, EventArgs e)
{
HttpApplication application = (HttpApplication)sender;
if (!IsAuthorized(application.Context))
{
application.Context.Response.Status = "403 Forbidden";
application.Context.Response.StatusCode = 403;
application.CompleteRequest();
}
}
public bool IsAuthorized(HttpContext context)
{
if (!HttpContext.Current.Request.Headers.AllKeys.Contains("Authorization"))
return false;
string authHeader = HttpContext.Current.Request.Headers["Authorization"];
if (!authHeader.Equals(Properties.Resources.Authorization_Key))
{
return false;
}
return true;
}
public void Init(HttpApplication context)
{
context.AuthenticateRequest += new EventHandler(Context_Authorization);
}
}
}
如果它有帮助......
亲切的问候,