We're using OpenWeb js libraries on the frontend, and they have a need for the .NET middle tier to send them a specific HTTP header status code when certain types of errors occur. I tried to achieve that by doing this:
public ActionResult TestError(string id) // id = error code
{
Request.Headers.Add("Status Code", id);
Response.AddHeader("Status Code", id);
var error = new Error();
error.ErrorID = 123;
error.Level = 2;
error.Message = "You broke the Internet!";
return Json(error, JsonRequestBehavior.AllowGet);
}
It kind of halfway worked. See screenshot:
http status code http://zerogravpro.com/temp/pic.png
Notice I achieved the Status Code of 400 in the Response Header, but I really need the 400 in the Request Header. Instead, I get "200 OK". How can I achieve this?
My URL structure for making the call is simple: /Main/TestError/400
There is extended discussion at What is the proper way to send an HTTP 404 response from an ASP.NET MVC action?
What you want to do is set Response.StatusCode instead of adding a Header.
public ActionResult TestError(string id) // id = error code
{
Response.StatusCode = 400; // Replace .AddHeader
var error = new Error(); // Create class Error() w/ prop
error.ErrorID = 123;
error.Level = 2;
error.Message = "You broke the Internet!";
return Json(error, JsonRequestBehavior.AllowGet);
}
If all you want to return is the error code, you could do the following:
public ActionResult TestError(string id) // id = error code
{
return new HttpStatusCodeResult(id, "You broke the Internet!");
}
Reference: MSDN article on Mvc.HttpStatusCodeResult.
Otherwise, if you want to return other information use
Response.StatusCode = id
instead of
Response.AddHeader("Status Code", id);
If you can't get your json result into your view, try to add this :
Response.TrySkipIisCustomErrors = true;
Before this :
Response.StatusCode = 400;
More details on this post : https://stackoverflow.com/a/37313866/9223103
Related
I have written method that returns the result in the object. I need to capture current HttpStatusCode rather than I create my own and save in the following object before returning a result
[HttpPost]
public ActionResult CreateUser([FromBody]UsereDto user)
{
try
{
var data = UserService.CreateUser(user);
var result = new ResultDto
{
Ok = true,
Data = data,
Error = "No",
StatusCode = HttpStatusCode. ???????????????
};
return Ok(result);
}
catch(Exception exp)
{
var errorResult = new ResultDto
{
Ok = false,
Data = null,
Error = exp.ToString()
StatusCode = ????????????
};
return Ok(errorResult);
}
}
Can't capture existing http code
you can manually enter http codes yourself.
For Example:
Created Code=201
Error Code =400
BadRequest:301
NotFound:404
return StatusCode(200,object);
You can also return it this way.
I am not 100% sure what do you want to achieve or why do you even want that since HTTP Response already will contain an http status, so returning it additionally in a JSON response does not add more information than is already available.
But you can just hardcode the status since it is always 200 in your example, unless there is some error during serialization of the response, etc.
Right after your ??? line you do return an Ok() response that will return 200.
You don't need to create your own status code inside dto...
return Ok(errorResult); will return 200 with error and this is bad.
Instead, you should return BadRequestResult(errorResult) and ui will receive 500 result containing your DTO.
Also, instead of return Ok(result);, you can return OkResult(result) and this will return 200 to UI, also containing your DTO...
Also, you should extract Dto creation to it's own method in separate class, to follow DRY and single responsibility principles..
first its something that happening in webapi 2.2 and not in the old one
https://devblogs.microsoft.com/aspnet/asp-net-core-2-1-web-apis/
I get from webapi response
{
"ProductValue": [
"The input was not valid."
]
}
how i cancel this response and just get false in
ModelState.IsValid
i need to return more fields to response
and this response is not good for me
for those who have hard trouble to understand in dubug i dont enter to
this function at all,because web api built in mechanism
return his response instend of mine
{code=9}
public MyResponse Start(Request req)
{
if (ModelState.IsValid)
{
return new MyResponse(){code=0} ;
}
return new MyResponse(){code=9} ;
}
Not absolutely sure what you are trying to achieve but if you want to send your own custom error response then you can probably do something like below (Hypothetically)
Product p = GetProduct(productvalue);
if (p == null)
{
HttpError err = new HttpError($"Product with productvalue {productvalue} not found");
return Request.CreateResponse(HttpStatusCode.NotFound, err);
}
else
{
return Request.CreateResponse(HttpStatusCode.OK, p);
}
services.AddMvc()
.ConfigureApiBehaviorOptions(options =>
{
options.SuppressModelStateInvalidFilter = true;
});
thanks to Kirk Larkin
I have a action method like this
[ResponseType(typeof(DiaryDeviceDTO))]
[HttpPost]
[Route("api/Device/Register")]
public async Task<IHttpActionResult> Register(DeviceRegistration deviceRegistration)
{
if (deviceRegistration == null)
{
return BadRequest("Request body is null");
}
DiaryDevice device = await _deviceBl.Register(deviceRegistration.RegistrationCode);
var deviceDto = Mapper.Map<DiaryDevice, DiaryDeviceDTO>(device);
return Ok(deviceDto);
}
When I call this api from PostMan with below request body, I get deviceRegistration object as null. I also set ContentType header as application/json
{
"ApiKey" : "apikey",
"RegistrationCode" : "123",
"ImeiNo" : "12345"
}
Then I try to read the request content as below-
string body = await Request.Content.ReadAsStringAsync();
This time I also get body = ""
But when I run my Unit test I get deviceRegistration as I wanted. So what's wrong with my code. Why my code only work for unit testing. I am using Web Api 2.2
Update / Solution
Sorry for asking this question. Actually it was my mistake. I accidentally read the request body inside Application_BeginRequest() method for logging. I move those logging codes inside Application_EndRequest() method and everything becomes ok.
Given what you've shown, this should work for the requests to api/device/register
[ResponseType(typeof(DiaryDeviceDTO))]
[HttpPost]
[Route("api/Device/Register")]
public async Task<IHttpActionResult> Register([FromBody]DeviceRegistration deviceRegistration)
{
if (deviceRegistration == null)
{
return BadRequest("Request body is null");
}
DiaryDevice device = await _deviceBl.Register(deviceRegistration.RegistrationCode);
var deviceDto = Mapper.Map<DiaryDevice, DiaryDeviceDTO>(device);
return Ok(deviceDto);
}
Note the [FromBody] attribute.
ASP.NET
[HttpPost]
[Route("apitest")]
public string apitest([FromBody]string str)
{
Console.Writeline(str); // str is always null
return null;
}
Angular 2:
var creds = "str='testst'" ;
var headers = new Headers();
headers.append('Content-Type', 'application/x-www-form-urlencoded');
http.post('http://localhost:18937/apitest', creds, {
headers: headers
})
.map(res => res.json())
.subscribe(
(res2) => {
console.log('subsribe %o', res2)
}
);
I also tried creds = {"str":"test"}; without headers JSON.stringify() etc. without success. How do I Post data to ASP.NET?
var creds = {
str: 'testst'
};
$http.post('http://localhost:18937/apitest', JSON.stringify(creds));
No changes in Web API controller and it should work.
This is probably an issue with the way that ASP.NET and MVC handle data POSTS.
[HttpPost]
public ActionResult Index(int? id)
{
Stream req = Request.InputStream;
req.Seek(0, System.IO.SeekOrigin.Begin);
string json = new StreamReader(req).ReadToEnd();
InputClass input = null;
try
{
// assuming JSON.net/Newtonsoft library from http://json.codeplex.com/
input = JsonConvert.DeserializeObject<InputClass>(json)
}
catch (Exception ex)
{
// Try and handle malformed POST body
return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
//do stuff
}
You can refer to my answer here and the referenced links as to a potential cause of the issue. There are quite a few server side web frameworks that inappropriately handle data POSTS and by default doesn't add the data to your request object.
You shouldn't [have to] try and change the behavior of your angular post, and modify headers to pretend your data post is a form post.
I have an MVC webapi site that uses OAuth/token authentication to authenticate requests. All the relevant controllers have the right attributes, and authentication is working ok.
The problem is that not all of the request can be authorised in the scope of an attribute - some authorisation checks have to be performed in code that is called by controller methods - what is the correct way to return a 401 unauthorised response in this case?
I have tried throw new HttpException(401, "Unauthorized access");, but when I do this the response status code is 500 and I get also get a stack trace. Even in our logging DelegatingHandler we can see that the response is 500, not 401.
You should be throwing a HttpResponseException from your API method, not HttpException:
throw new HttpResponseException(HttpStatusCode.Unauthorized);
Or, if you want to supply a custom message:
var msg = new HttpResponseMessage(HttpStatusCode.Unauthorized) { ReasonPhrase = "Oops!!!" };
throw new HttpResponseException(msg);
Just return the following:
return Unauthorized();
As an alternative to the other answers, you can also use this code if you want to return an IActionResult within an ASP.NET controller.
ASP.NET
return Content(HttpStatusCode.Unauthorized, "My error message");
Update: ASP.NET Core
Above code does not work in ASP.NET Core, you can use one of these instead:
return StatusCode((int)System.Net.HttpStatusCode.Unauthorized, "My error message");
return StatusCode(Microsoft.AspNetCore.Http.StatusCodes.Status401Unauthorized, "My error message");
return StatusCode(401, "My error message");
Apparently the reason phrase is pretty optional (Can an HTTP response omit the Reason-Phrase?)
You get a 500 response code because you're throwing an exception (the HttpException) which indicates some kind of server error, this is the wrong approach.
Just set the response status code .e.g
Response.StatusCode = (int)HttpStatusCode.Unauthorized;
To add to an existing answer in ASP.NET Core >= 1.0 you can
return Unauthorized();
return Unauthorized(object value);
To pass info to the client you can do a call like this:
return Unauthorized(new { Ok = false, Code = Constants.INVALID_CREDENTIALS, ...});
On the client besides the 401 response you will have the passed data too. For example on most clients you can await response.json() to get it.
In .Net Core You can use
return new ForbidResult();
instead of
return Unauthorized();
which has the advantage to redirecting to the default unauthorized page (Account/AccessDenied) rather than giving a straight 401
to change the default location modify your startup.cs
services.AddAuthentication(options =>...)
.AddOpenIdConnect(options =>...)
.AddCookie(options =>
{
options.AccessDeniedPath = "/path/unauthorized";
})
you can use follow code in asp.net core 2.0:
public IActionResult index()
{
return new ContentResult() { Content = "My error message", StatusCode = (int)HttpStatusCode.Unauthorized };
}
You also follow this code:
var response = new HttpResponseMessage(HttpStatusCode.NotFound)
{
Content = new StringContent("Users doesn't exist", System.Text.Encoding.UTF8, "text/plain"),
StatusCode = HttpStatusCode.NotFound
}
throw new HttpResponseException(response);
Make sure that the lines order in "Startup.cs" is like this, not vise versa:
app.UseAuthentication(); // the order is important
app.UseAuthorization();
That was what cased the issue in my case.
Because I found this post as best match.
For a ASP.NET Core Web Api the ReturnType ContentResult is a good choice:
[HttpPost]
[Route("api/my-controller")]
public async ContentResult Index([FromBody] MyRequestType request)
{
if (!authenticate(request.User,request.Password)
{
return new ContentResult() { StatusCode = StatusCodes.Status401Unauthorized };
}
//Process request
var myReturnObject = await processRequest(request);
string errString = System.Text.Json.JsonSerializer.Serialize(myReturnObject);
return new ContentResult()
{
Content = errString,
StatusCode = StatusCodes.Status200OK,
};
}