asp.net-web-apidependency-injectionaction-filtersimple-injector.net-attributes

Simple Injector inject dependency into custom global authentication filters and OWIN middle ware OAuthAuthorizationServerProvider


I used Simple Injector as our Ioc container; we have two problems.

  1. We want to inject into our custom authentication filter; we read the post of converting attribute to a passive attribute: Convert Attribute into a passive. But we can't convert custom authentication filter attribute into a passive.

    public class BearerAuthentication : Attribute, IAuthenticationFilter
    {
       public async Task AuthenticateAsync(
           HttpAuthenticationContext context, CancellationToken cancellationToken)
        {
    
        }
       public Task ChallengeAsync(
           HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)
        {
    
        }
    }
    
  2. We want to inject dependency into OWin middleware OAuthAuthorizationServerProvider; we know we can use begin execution context scope, but we want an elegant solution.

    using (Ioc.Container.BeginExecutionContextScope())
    {
    
    }
    

Updated

public interface IAuthenticationFilter<TAttribute> where TAttribute : Attribute
{
    Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken);
    Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken);
}
public  class BearerAuthenticationFilter : Attribute, IAuthenticationFilter<BearerAuthenticationFilter>
{
    private readonly IAuthenticationBusinessEngine _authenticationBusinessEngine;
    private readonly IHttpContextAccessor _httpContextAccessor;

    public BearerAuthenticationFilter(IAuthenticationBusinessEngine authenticationBusinessEngine, IHttpContextAccessor httpContextAccessor)
    {
        _authenticationBusinessEngine = authenticationBusinessEngine;
        _httpContextAccessor = httpContextAccessor;
    }

    public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
    {

         throw new NotImplementedException();  

        }
    }

    public Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)
    {
        throw new NotImplementedException();
    }

}
public class AuthenticationFilterDispatcher : IAuthenticationFilter
{
    private readonly Func<Type, IEnumerable> _container;
    public AuthenticationFilterDispatcher(Func<Type, IEnumerable> container)
    {
        _container = container;
    }

    public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
    {
        var descriptor = context.ActionContext.ActionDescriptor;
        var attributes = descriptor.ControllerDescriptor.GetCustomAttributes<Attribute>(true)
            .Concat(descriptor.GetCustomAttributes<Attribute>(true));

        foreach (var attribute in attributes)
        {
            var filterType = typeof(IAuthenticationFilter<>).MakeGenericType(attribute.GetType());
            var filters = _container.Invoke(filterType);

            foreach (dynamic actionFilter in filters)
            {
                await actionFilter.AuthenticateAsync(context, cancellationToken);
            }
        }
    }

    public Task ChallengeAsync(HttpAuthenticationChallengeContext context, CancellationToken cancellationToken)
    {
        throw new NotImplementedException();
    }

    public bool AllowMultiple
    {
        get
        {
            return true;
        }
    }
}

Solution

  • The equivalent code for working with IAuthenticationFilter is:

    public interface IAuthenticationFilter<TAttribute> where TAttribute : Attribute
    {
        Task AuthenticateAsync(TAttribute attribute, HttpAuthenticationContext context);
    }
    
    public class AuthenticationFilterDispatcher : IAuthenticationFilter
    {
        private readonly Func<Type, IEnumerable> container;
        public AuthenticationFilterDispatcher(Func<Type, IEnumerable> container) {
            this.container = container;
        }
    
        public async Task AuthenticateAsync(HttpAuthenticationContext context,
            CancellationToken token) {
            var descriptor = context.ActionContext.ActionDescriptor;
            var attributes = descriptor.ControllerDescriptor
                .GetCustomAttributes<Attribute>(true)
                .Concat(descriptor.GetCustomAttributes<Attribute>(true));
    
            foreach (var attribute in attributes) {
                Type filterType = typeof(IAuthenticationFilter<>)
                    .MakeGenericType(attribute.GetType());
                IEnumerable filters = this.container.Invoke(filterType);
    
                foreach (dynamic actionFilter in filters) {
                    await actionFilter.AuthenticateAsync((dynamic)attribute, context);
                }
            }
        }
    
        public async Task ChallengeAsync(HttpAuthenticationChallengeContext context, 
            CancellationToken token) { }
    
        public bool AllowMultiple { get { return true; } }
    }
    

    Registration is done as follows:

    GlobalConfiguration.Configuration.Filters.Add(
        new AuthenticationFilterDispatcher(container.GetAllInstances));
    
    // For Simple Injector 2.x:
    container.RegisterManyForOpenGeneric(typeof(IAuthenticationFilter<>),
        container.RegisterAll, 
        new[] { typeof(IAuthenticationFilter<>).Assembly });
    
    // For Simple Injector 3.x:
    container.RegisterCollection(typeof(IAuthenticationFilter<>),
        new[] { typeof(IAuthenticationFilter<>).Assembly });
    

    Now instead of making your attributes active, you can make the attribute passive and implement the required logic inside an IAuthenticationFilter<MyPassiveAttribute> implementation.

    Your attribute and new component might look like this:

    // NOTE: This attribute does not derive from anything Web API specific,
    // just from Attribute
    public class RequiresBearerAuthenticationAttribute : Attribute
    {
        // put here properties if required
    }
    
    public class BearerAuthenticationFilter 
        : IAuthenticationFilter<RequiresBearerAuthenticationAttribute>
    {
        private readonly IAuthenticationBusinessEngine _authenticationBusinessEngine;
        private readonly IHttpContextAccessor _httpContextAccessor;
    
        public BearerAuthenticationFilter(
            IAuthenticationBusinessEngine authenticationBusinessEngine, 
            IHttpContextAccessor httpContextAccessor)
        {
            _authenticationBusinessEngine = authenticationBusinessEngine;
            _httpContextAccessor = httpContextAccessor;
        }
    
        public async Task AuthenticateAsync(RequiresBearerAuthenticationAttribute attribute, 
            HttpAuthenticationContext context)
        {
            // TODO: Behavior here
        }
    }